corben.io

corben.io


infosec write-ups and ramblings

Tags


Corben Leo

infosec write-ups and ramblings


A Fun SSRF through a Headless Browser

I found a Server-Side Request Forgery in March 2022 (well, more than one luckily)! But let's talk about the coolest one. So you can learn. I don't like talking about bounty amounts. (It's ok if you do, we all get excited) Instead, I'll show you how I found it: The scope of this program was *.β–ˆβ–ˆβ–ˆ.…

Corben Leo Corben Leo

Learn to Hack Web Apps

So you want to learn to hack. Want to participate in bug bounty? No problem. Here's a roadmap to follow so you can learn web hacking. Just remember: "Enduring growth cannot be achieved without a commitment to process"Learn to love the process of learning and bettering yourself. Take time to underst…

Corben Leo Corben Leo