Articles Papers

How I Made an AI Steal Session Tokens for Me | Zero-Click Cross-Tenant ATO via LLM Output Rendering + IDOR

How I made a company’s own AI assistant steal its users’ session tokens, zero-click I want to tell you about the moment I realized I could make a company’s own AI assistant hand me its users’ sess...

Jun 8 2026-06-08T15:00:00+00:00

The exploitation of a $$$$ SQL Injection Path Based

Here is how I exploited a unusual SQL Injection Path Based and got rewarded with bounty First of all, here are some sections that will be covered in this article, ┌───────────────Summary─────────...

Jun 3, 2024 2024-06-03T11:13:13+00:00

How I g0t 4000$ for AWS Metadata Leak and Takeover $$

Here is how I g0t $$ pwning AWS cloud of a bug bounty program at HackerOne First of all, we have some sections that will be covered in this article, ┌───────────────Summary────────────────┐ │ ...

Jun 3, 2024 2024-06-03T11:13:13+00:00

Articles | Papers

How I Made an AI Steal Session Tokens for Me | Zero-Click Cross-Tenant ATO via LLM Output Rendering + IDOR

The exploitation of a $$$$ SQL Injection Path Based

How I g0t 4000$ for AWS Metadata Leak and Takeover $$

Trending Tags