
Disclosed. May 25, 2025: From Nepal to NahamCon. XSS Smuggling, NoSQL Injection, and Updates to Burp and Caido

The bug bounty world, curated.


Welcome to Disclosed.

Hey hackers! This was a big week for bug bounty content as NahamCon just wrapped up! I didn’t get a chance to watch all the content due to work, but I was able to pop in/out. Y’all gotta tell me what I missed as I’m sure there were some bangers in there. I can’t wait to start watching the recordings as they come out on YouTube.

In other news, I’ve found some awesome video creators in the bug bounty scene this week. Shoutout to Coffee&&Pizza for including me on an episode for an interview, and shoutout to ethicalPap for creating some high quality educational technical content. I’ve never seen their channel before so it was cool to come across this.

Next week, HackerOne will be kicking off a Live Hacking Event so I’m sure there will be a ton of great photos coming online soon. Until then, enjoy this week’s drop!

In This Issue

NahamCon 2025 Recap and Highlights 
🔗 Tweet by Ben Sadeghipour

Celebrating the conclusion of NahamCon 2025, sharing community highlights and expressions of gratitude.
Read the full tweet

The Bug Bounty Community in Cybersecurity with Harley Kimball - DEFCON - Coffee & Pizza Podcast #025 
🎥 Video by Coffee&&Pizza

In this episode, Harley Kimball discusses his cybersecurity journey, from ethical hacking to community management at HackerOne, emphasizing collaboration and networking for aspiring professionals. The conversation also covers the role of AI in security and its implications for pentesting.
Watch video

Highlights from Nepal's First Open Bug Bounty Event 
🔗 Tweet by Ananda Dhakal

Summarizing Nepal's inaugural open bug bounty event, noting key networking opportunities and live interviews with participants.
Read the full tweet

Have something you want to Spotlight? Tell me.

RyotaK’s Recognition at Meta's Bug Bounty Conference 
🔗 Tweet by RyotaK

Expressing gratitude for receiving the Most Impact award at Meta's Bug Bounty Researcher Conference in Tokyo.
Read the full tweet

New HackenProof Bug Bounty Offering Up to $250K 
🔗 Tweet by Flow.com

A new bug bounty program on HackenProof offers rewards up to $250,000 for identifying critical vulnerabilities, promoting extensive participation in the security community.
Read the full tweet

Did I miss an important update? Tell me.

New Caido Plugin Facilitates Collaboration with Drop 
🔗 Tweet by Caido

Introducing 'Drop', a collaboration plugin for Caido that enables users to share objects seamlessly with collaborators.
Read the full tweet

Exciting New Enhancements in Burp Suite 
🔗 Thread by James Kettle

Detailing recent enhancements in Burp Suite, the update highlights performance improvements and new features aimed at benefiting security testers.
Read the full thread

Try the Enhanced Uff: A New Fork of Ffuf 
🔗 Thread by sw33tLie

A new fork of the ffuf tool, named Uff, is introduced, offering improvements in performance for bug bounty hunters.
Read the full thread

New Burp Suite Extension Integrates SQLmap for Easy Use 
🔗 Tweet by Yousef

Introducing a new Burp Suite extension that allows users to run SQLmap directly from the GUI, simplifying the SQL injection testing process.
Read the full tweet

New Knoxnl Update Enhances Stealthy URL Processing 
🔗 Tweet by / XNL -н4cĸ3r

The latest Knoxnl update improves stealth by shuffling URLs in file inputs to minimize detection while interacting with target servers.
Read the full tweet

Have a favorite tool? Tell me.

Grafana CVE-2025-4123: Full Read SSRF & Account Takeover 
📝 Writeup by Alvaro Balada

Analyzing CVE-2025-4123 in Grafana, this post details a Full Read SSRF and account takeover vulnerability, outlining exploitation methods including client-side JavaScript path traversal. The article emphasizes the importance of vigilance in secure applications.
Read more

Full-Blown SSRF to Gain Access to Millions of Users’ Records and Multiple Internal Panels
📝 Writeup by @skycer_00

A researcher exploited a critical SSRF vulnerability to bypass domain validation, leverage redirect chains, and access unsecured internal services, ultimately exposing data from millions of users.
Read more

HTML to PDF Renderer: A tale of local file access and shellcode execution — Neodyme 
📝 Writeup by Alain (neodyme.io)

Illustrating a security engagement with an HTML to PDF renderer, the post covers local file access vulnerabilities and remote code execution exploits, underscoring the necessity for secure configurations.
Read more

Meta BBP — Stored XSS at Meta Careers 
📝 Writeup by Muntadhar M. Ahmed

The author shares a privilege escalation vulnerability in a Meta application, detailing their method of manipulating user roles during the workspace invitation process for a successful bounty.
Read more

Did I miss an important update? Tell me.

Top War Stories from a Try Hard Bug Bounty Hunter, Rhynorater | Bug Bounty Village, DEF CON 32 
🎥 Video by Bug Bounty DEFCON

Justin Gardner shares critical vulnerabilities discovered in various applications, providing insights into strategies and tools used in ethical hacking.
Watch video

Bug Bounty: Exploiting Prototype Pollution for Easy $$$ (Manual + Automation Guide) 
🎥 Video by ethicalPap_

This video provides a comprehensive guide on exploiting prototype pollution vulnerabilities, detailing manual and automated testing methods, including XSS techniques.
Watch video

This Browser Hack Scored Me a $20,000 Bug Bounty 
🎥 Video by NahamSec

Covering an XXE vulnerability in Chrome, this video illustrates practical exploitation and highlights the vulnerability's relevance in modern systems.
Watch video

This HACKER Made $84,000 HACKING Reddit! 
🎥 Video by DeadOverflow

Lar Voltage discusses his methodology for exploiting vulnerabilities on Reddit, culminating in earnings of $84,000 from his findings.
Watch video

Hacking AI Series: Vulnus ex Machina - Part 2 (Ep.123) 
🎥 Video by Critical Thinking - Bug Bounty Podcast

Joseph delves into exploitation methods for AI applications in this episode, discussing vulnerabilities and techniques relevant to bug bounty programs.
Watch video

Did I miss something? Tell me.

Understanding Regex Dot and Its Security Implications 
🔗 Tweet by André Baptista

Explaining the regex dot operator, this tweet addresses its potential to match unintended strings, raising awareness about regex-related vulnerabilities.
Read the full tweet

Mastering SQL Injection Recon: Step-by-Step Guide for Bug Bounty Hunters 
📝 Writeup by coffinxp

Providing effective reconnaissance techniques for identifying SQL injection vulnerabilities, this guide offers actionable steps for bug bounty hunters.
Read more

NoSQL Injection - Payloads All The Things 
📝 Writeup by Unknown author

This article outlines NoSQL injection methodologies and attack vectors while providing practical scripts for vulnerability testing and bypass strategies.
Read more

CORS Misconfigurations: Advanced Exploitation Guide 
📝 Writeup by blackbird-eu

This comprehensive guide discusses CORS misconfiguration vulnerabilities, identification methods, and advanced exploitation techniques.
Read more

Smart XSS Fuzzing With Polyglots 
📝 Writeup by Unknown author

Discussing XSS polyglots as effective testing payloads, this article illustrates their advantages in identifying XSS vulnerabilities across different contexts.
Read more

Did I miss something? Tell me.

Journey to Winning the Hacker0x01 Ambassadors World Cup 
🔗 Thread by remot3

Sharing a personal journey of winning the Hacker0x01 Ambassadors World Cup starting with zero points on HackerOne.
Read the full thread

Enhancing Hacking with Cursor AI and GitHub Tools 
🔗 Tweet by TESS

Highlighting how to customize an open-source tool using Cursor AI for effective code analysis in hacking.
Read the full tweet

Leveraging URL-Based XSS Payload Smuggling Techniques 
🔗 Thread by Gareth Heyes

Introducing a creative method for smuggling XSS payloads through URLs to evade various filters.
Read the full thread

Comprehensive Bug Bounty Recon Workflow for Token Finds 
🔗 Tweet by X

Outlining a recon workflow targeting common vulnerabilities in enterprise applications, emphasizing token discovery and OAuth misconfigurations.
Read the full tweet

Five Key Strategies for Effective Vulnerability Modeling 
🔗 Tweet by bugcrowd

Providing five strategies for ethical hackers to model web applications effectively, focusing on understanding application structures and data flows.
Read the full tweet

Fast Subdomain Bruteforcing Using dnsx Tool 
🔗 Tweet by ProjectDiscovery

Sharing an efficient command for subdomain bruteforcing using the dnsx tool, aiding rapid discovery for security researchers.
Read the full tweet

First Bug Bounty Payout: IDOR Explained 
🔗 Tweet by Oliver Ellis

Celebrating a first bug bounty payout for an IDOR vulnerability discovered at Audible, with tips on recognizing similar vulnerabilities.
Read the full tweet

Did I miss something? Tell me.

Did you like this week's drop?

Please share feedback.


Because Disclosure Matters: This newsletter was produced with the assistance of AI. While I strive for accuracy and quality, not all content has been independently vetted or fact-checked. Please allow for a reasonable margin of error. The views expressed are my own and do not reflect those of my employer.