CASE STUDIES
Case studies teach you what really works in real-world bug bounty hunting. Each one breaks down a disclosed bug bounty writeup focused on a specific bug class. You’ll see how top hackers approach targets, chain bugs, and write reports that get rewarded. You also get access to a database of all the reports if you want to go deeper.
CourseBy gregxsunday
DEVTOOLS
DevTools can help you understand how frontends actually work. This series walks through the tabs and features you’ll use when debugging JavaScript, setting breakpoints, and analyzing client-side flows during bounty hunting. It’s built around real use cases, with a focus on clarity and signal over noise.
CourseBy gregxsunday
GraphQL Case Study
If your GraphQL testing ends with introspection queries and basic ID swapping, you’re missing out on a lot of impactful bugs. GraphQL APIs can open doors to vulnerabilities ranging from SQL injections and CSRF attacks to subtle caching issues, tricky race conditions, and WebSocket-based bypasses. In this case study, I’ve analyzed disclosed vulnerability reports to see what happens in real life and identify what we all must have in our testing methodologies.
CourseBy gregxsunday
OAUTH SERIES
This OAuth series covers the kinds of bugs that show up in real bounty reports. It breaks down OAuth step by step - from how OAuth works, to what each parameter does, to the bugs those parameters can introduce. You’ll also learn lesser-known techniques, including server-side issues and what recon looks like in the context of OAuth.
CourseBy gregxsunday
4 products found