This post is regarding my findings on Synack Red Team. The findings included a total of 4 SSRFs. One of them being a fully unauthenticated SSRF leading to high privileged account takeover.

A writeup about my failures while doing bug bounty

This blog is about my findings while on a workcation to Goa with my hacker friends.

A writeup about my finding on Synack that was an XXE that allowed me to read local files stored on the web server.

A writeup about a recent NoSQL injection I found in Synack Red Team