Daily Bug Bounty Writeups by @Piyush Kumawat
This repository contains Bug Bounty writeups
-
💯July 18, 2026 - Bypassing Rate Limiting on a Password Reset Endpoint With a Single Whitespace Character
-
💯July 18, 2026 - Breaking the iframes: Modern Clickjacking Attacks Explained
-
💯July 18, 2026 - Breaking Directories: A Bug Hunter’s Guide to Directory Traversal
-
💯July 18, 2026 - This Free Tool Showed Me A Company’s Deleted API Keys From 2019
-
💯July 18, 2026 - I Found 400 Hidden Subdomains On My First Target Using One Free Tool
-
💯July 17, 2026 - I Ignored the Lab Instructions and Solved It My Own Way -Here’s What I Learned
-
💯July 17, 2026 - I Found a CSRF-Style Bug in Proton and Earned a $200 Bounty.
-
💯July 17, 2026 - The Night Claude Found a Critical IDOR and Deleted the Test Account
-
💯July 17, 2026 - I Built a Bug Bounty Recon Tool That Automates the Boring Parts (So I Don’t Have To)
-
💯July 17, 2026 - From User to Admin: The Story of Privilege Escalation