Articles & Papers
3 posts
ai-security
How I Made an AI Steal Session Tokens for Me | Zero-Click Cross-Tenant ATO via LLM Output Rendering + IDOR
How I made a company’s own AI assistant steal its users’ session tokens, zero-click I want to tell you abo...

bugbounty
The exploitation of a $$$$ SQL Injection Path Based
Here is how I exploited an unusual SQL Injection Path Based and got rewarded with bounty First of all, here...

bugbounty
How I g0t 4000$ for AWS Metadata Leak and Takeover $$
Here is how I g0t $$ pwning AWS cloud of a bug bounty program at HackerOne First of all, we have some sect...