Abdullah Mohamed

295 Followers

Dec 29, 2022

Exploiting Cross Site Scripting (XSS) in Web3

Introduction: Cross-Site Scripting (XSS) is a type of cyber attack in which an attacker injects malicious code into a website or web application. The injected code is usually in the form of a script, which is then executed by the victim’s web browser. …

Web 3

7 min read


Dec 25, 2021

XSS through image proxy using SVG image

Hi everyone, today’s story will be short because there are not many details in it. I got a private invitation to hunt in the program. Once I opened the website, I used to check the place of images and JS files, because if they are uploaded on a service like Amazon…

Cybersecurity

2 min read


Jul 28, 2021

How I earned $$$$ by Amazon S3 Bucket misconfigurations?

Hi all, in this story I will talk about several misconfigurations that I found related to Amazon S3 Buckets. I will also mention some tricks and tools that will help you find this type of vulnerability. What are the important tools? At first, and before using any other tools, you have to install…

Bug Bounty

5 min read


Jul 16, 2021

IDOR leads to leak medical insurance documents

Hi everyone, today I will talk about an IDOR vulnerability that I found in an insurance company that leaks the medical insurance documents of nearly 100,000 customers. At first, I will tell you a little story about how I found this company. One day, I applied for a visa to travel to Saudi Arabia, and among the requirements for obtaining a visa is to obtain…

Bug Bounty

4 min read


Mar 24, 2021

Bypass rate limit to enumeration users through Google Drive

Hi everyone, today I’m gonna talk about a vulnerability that I found in Google. In fact, when I sent the report to Google, it wasn’t a vulnerability, but I will tell you how I escalated the risk and bypassed the rate limit. At first, I browsed Google Drive looking for feature…

Google

6 min read


Mar 5, 2021

The easiest $2500 I got it from bug bounty program

Hi all, today I will talk about the first vulnerability I found. At that time, I knew little about information security, so I was not doing scans or something like that. I used to use the application as a normal user, but curiosity pushed me to find this vulnerability. How I found the vulnerability? One…

Uber

3 min read


Dec 15, 2020

How I hacked IBM and got full access on many services?

Hi everyone, today I’m gonna talk about a vulnerability that I found in IBM that allowed me to get full access on many services. At first, I opened Shodan and searched for: Org:'ibm' tomcat I browsed some servers, but I didn’t find anything interesting, until I found this server and…

Bug Bounty

4 min read

https://www.twitter.com/3bodymo_
