Writing
>_
Bypassing WAF, 403, and OTP to Exploit SQL Injection Bypassing WAF, 403 Forbidden, and OTP restrictions to exploit a blind SQL injection on a VDP program.
>_ My Therapist Said Tiny Problems Don’t Matter. These Vulnerability Chains Proved Me Wrong. Chaining multiple low-severity IDORs, broken access control, and token exhaustion into a data exfiltration chain.
>_ From alert(origin) to ATO, an XSS Story How a simple XSS discovery escalated to full account takeover through response manipulation and creative payload crafting.
>_ 403 Forbidden? No Problem, Here’s a POST XSS Bypassing 403 forbidden restrictions to deliver a POST-based XSS payload that led to a Bugcrowd bounty.