@bbwriteup profile picture
BBWriteup @bbwriteup

Security Researches, Exploit, New Updates & more

Joined September 2024
  • Tweets 16,586
  • Following 0
  • Followers 657
3 Photos and videos
"IDOR — The Easiest Critical Bug You’ll Ever Find" by Nitin yadav #InfoSec #CyberSecurity #Hacking #Vulnerability kd-200.medium.com/idor-the-e…

IDOR — The Easiest Critical Bug You’ll Ever Find

Hey friends! Nitin here, and today we’re finding our FIRST real bug 🎉

kd-200.medium.com
2
20
"Threat Intelligence|From Python to Bun: Cross-Runtime Attack Chain Analysis of the Shai-Hulud Hades…" by SlowMist #InfoSec #CyberSecurity #Hacking #Vulnerability slowmist.medium.com/threat-i…

Threat Intelligence|From Python to Bun: Cross-Runtime Attack Chain Analysis of the Shai-Hulud Hades…

Background

slowmist.medium.com
22
"Why Your Subdomain Takeover Reports Keep Getting Closed as N/A (And How to Fix It)." by Omar Mahmoud #InfoSec #CyberSecurity #Hacking #Vulnerability medium.com/@omaroymdm/why-yo…

Why Your Subdomain Takeover Reports Keep Getting Closed as N/A (And How to Fix It).

Subdomain Takeover is often described as one of the easiest vulnerabilities to find in Bug Bounty programs. Even today, hunters continue to…

medium.com
17
"Prompt Injection 101-The Ghost in the Machine: Engineering a Modular Showcase for Indirect Prompt…" by Alain Airom (Ayrom) #InfoSec #CyberSecurity #Hacking #Vulnerability alain-airom.medium.com/promp…

Prompt Injection 101-The Ghost in the Machine: Engineering a Modular Showcase for Indirect Prompt…

An introduction to prompt injection!

alain-airom.medium.com
39
"Malware Analysis: Understanding and Defeating Malicious Software" by Career Technology Cyber Security India Pvt. Ltd. #InfoSec #CyberSecurity #Hacking #Vulnerability medium.com/@careertechnology…

Malware Analysis: Understanding and Defeating Malicious Software

Cybercriminals use malware to steal data, disrupt operations, and gain unauthorized access to systems. To effectively defend against these…

medium.com
37
"How to Use Claude Code for Bug Hunting — For Free (A Beginner’s Guide)" by sallam #InfoSec #CyberSecurity #Hacking #Vulnerability h0tak88r.medium.com/how-to-u…

How to Use Claude Code for Bug Hunting — For Free (A Beginner’s Guide)

If you’re brand new to AI-assisted bug bounty and every guide you’ve opened assumes you already know what “MCP” or “skills” or “agentic”…

h0tak88r.medium.com
44
"Oracle Zero-Day Attack Targets Universities: Inside the ShinyHunters PeopleSoft Exploit" by Casi Borg #InfoSec #CyberSecurity #Hacking #Vulnerability medium.com/@casi.borg/oracle…

Oracle Zero-Day Attack Targets Universities: Inside the ShinyHunters PeopleSoft Exploit

Most university students will never know if a cybercriminal briefly had access to their records. That’s what makes incidents like the…

medium.com
52
"AI-Powered Worms: A Glimpse Into the Future of Cyber Attacks" by Sebastian Kandler #InfoSec #CyberSecurity #Hacking #Vulnerability medium.com/@sebastian.kandle…

AI-Powered Worms: A Glimpse Into the Future of Cyber Attacks

A recent research paper, “AI Agents Enable Adaptive Computer Worms”, offers a fascinating and somewhat unsettling glimpse into how…

medium.com
30
"Recovering a Forgotten Password in a Self-Hosted n8n Docker Deployment" by Raymond Ebonine #InfoSec #CyberSecurity #Hacking #Vulnerability infosecwriteups.com/recoveri…

Recovering a Forgotten Password in a Self-Hosted n8n Docker Deployment

Learn how to recover complete access to a self-hosted n8n Docker deployment when password reset emails fail.

infosecwriteups.com
39
"DVWA Cheat Sheet (Low & Medium)" by Loay Salah #InfoSec #CyberSecurity #Hacking #Vulnerability infosecwriteups.com/dvwa-che…

DVWA Cheat Sheet (Low & Medium)

Damn Vulnerable Web Application

infosecwriteups.com
33
"Stop Relying on Scanners: The Uncomfortable Truth About Modern Penetration Testing" by Dhanush N #InfoSec #CyberSecurity #Hacking #Vulnerability dhanushnehru.medium.com/stop…

Stop Relying on Scanners: The Uncomfortable Truth About Modern Penetration Testing

Technical skills alone will not save you. Here is the exact mindset that separates elite security professionals from automated tool…

dhanushnehru.medium.com
1
56
"I Simulated an SSH Brute-Force Attack on My Ubuntu Server — Here’s How Fail2Ban Stopped It" by Handhika Yanuar Pratama #InfoSec #CyberSecurity #Hacking #Vulnerability infosecwriteups.com/i-simula…

I Simulated an SSH Brute-Force Attack on My Ubuntu Server — Here’s How Fail2Ban Stopped It

Building a simple attack lab to understand how Fail2Ban detects and blocks repeated SSH login attempts.

infosecwriteups.com
36
"Header Manipulation: Bypasses, Probing, and the Security Audit Nobody Does" by Roshan Rajbanshi #InfoSec #CyberSecurity #Hacking #Vulnerability infosecwriteups.com/header-m…

Header Manipulation: Bypasses, Probing, and the Security Audit Nobody Does

Request headers are not metadata. They are inputs, and inputs can be manipulated.

infosecwriteups.com
24
"The Corix Partners Friday Reading List — June 12, 2026" by JC Gaillard #InfoSec #CyberSecurity #Hacking #Vulnerability medium.com/the-corix-partner…

The Corix Partners Friday Reading List — June 12, 2026

Top 10 Leadership and Management links of the week, curated by Corix Partners Founder and CEO JC Gaillard, focusing on cyber security of…

medium.com
27
"AI Agent Security Guide: How to Prevent Prompt Injection Attack" by Ana Bildea, PhD #InfoSec #CyberSecurity #Hacking #Vulnerability medium.com/@anna.bildea/ai-a…

AI Agent Security Guide: How to Prevent Prompt Injection Attack

Learn how AI agents work, the risks of indirect prompt injection, and the best security practices for 2026.

medium.com
28
"Bypassing Web Application Firewalls: A Practical Guide to Stored XSS" by Pankaj Kumar Yadav #InfoSec #CyberSecurity #Hacking #Vulnerability medium.com/@pankaj_73968/byp…

Bypassing Web Application Firewalls: A Practical Guide to Stored XSS

A real-world case study on WAF evasion techniques and stored cross-site scripting vulnerabilities

medium.com
1
55
"The Difference Between a Bug and a Feature (And Why It Matters)" by Decline #InfoSec #CyberSecurity #Hacking #Vulnerability medium.com/@bughunting/the-d…

The Difference Between a Bug and a Feature (And Why It Matters)

Not everything broken is a vulnerability. Here’s how to know the difference.

medium.com
11
"7 Swift Concurrency Bugs That Shipped to Production" by Jerry PM #InfoSec #CyberSecurity #Hacking #Vulnerability 21zerixpm.medium.com/7-swift…

7 Swift Concurrency Bugs That Shipped to Production

And the Patterns That Prevent Them

21zerixpm.medium.com
15
"How to Secure Your Browser: Block Adult Content Using DNS over HTTPS ?" by Stack Architect #InfoSec #CyberSecurity #Hacking #Vulnerability medium.com/illumination/how-…

How to Secure Your Browser: Block Adult Content Using DNS over HTTPS ?

What is DNS over HTTPS (DoH)? ​Every time you type a website address (like medium.com) into your browser, your computer uses a Domain Name…

medium.com
41
"Certificate Transparency as a Timeline Source: Reading CT Logs Like a Forensic Notebook" by Sigmund Brandstaetter CISSP, CCSP, CISM, OSCP, CEH #InfoSec #CyberSecurity #Hacking #Vulnerability osintteam.blog/certificate-t…

Certificate Transparency as a Timeline Source: Reading CT Logs Like a Forensic Notebook

Subscribe to my self hosted blog to get future posts that may not appear on medium anymore:

osintph.medium.com
87
Load more