can1337inInfoSec Write-upsMRS #2: Bypassing premium features by checking “premium validation” parameters (€€€)Hi, this write-up series was created to share the original reports of some vulnerabilities I found, with the necessary corrections made…3 min read·Mar 14, 2024----
can1337inInfoSec Write-upsMy Report Summaries #1: Project manager can see & download all users’ login history at redacted app…Hi, this write-up series was created to share the original reports of some vulnerabilities I found, with the necessary corrections made…4 min read·Mar 4, 2024--1--1
can1337inInfoSec Write-upsDisclosure email address of any Wordpress user via redacted-serviceHello fellas, in this write-up, I’m gonna talk about disclosing email address of any WordPress user by using an another service within…3 min read·Oct 11, 2023----
can1337inInfoSec Write-upsBypassing email verification of high-profile tech company ($$$)Hi guys, after almost a year, I thought I should create a new write-up. Today, I’m gonna show you the email verification bypass…3 min read·Jul 29, 2023--6--6
can1337inInfoSec Write-upsBypass Apple’s redirection process with the dot (“.”) characterHi guys, I have been gone for a while but now I’m back and here is a new write-up post. Today, I’m gonna show you the Open Redirection…3 min read·Dec 24, 2022--1--1
can1337inInfoSec Write-upsBreak the Logic: 5 Different Perspectives in Single Page (€1500)Hello everyone. Today I’m going to talk about five different vulnerabilities that I found on a single page. Three of these vulnerabilities…5 min read·Aug 26, 2022--2--2
can1337inInfoSec Write-upsBreak the Logic: Insecure Parameters (€300)Hello everyone. Today, I’m going to talk about two minor vulnerabilities based on insecure parameters that I discovered in the same…4 min read·Aug 24, 2022--3--3
can1337inInfoSec Write-upsMultiple bugs in one program leads to €1500Hi, today I‘m going to talk about three basic vulnerabilities that I discovered in the same program and were rewarded with 1500€.5 min read·Aug 2, 2022--2--2
can1337inInfoSec Write-upsI mean, IDOR is NOT only about others IDHi folks! In this write-up, I’m going to talk about the vulnerability I found to broaden your perspective on IDORs.4 min read·Jul 22, 2022--2--2
can1337inInfoSec Write-upsHow Did I Leak 5.2k Customer Data From a Large Company? (via Broken Access Control)Hello everyone!3 min read·Mar 11, 2022--1--1