XSS Case Study

XSSes are everywhere. They’ve been the most common vulnerability class for years. But while popping an alert may seem simple, there’s much, much more to cross-site scripting.

Here’s the table of contents of this case study:

What XSS types are the most common?
Why did the XSSes occur?
Where were these XSSes found?
How many of them were blind?
What payloads were used?
What filter bypasses were used?
What was the impact?
How often did attackers need to bypass CSP?
The wordlist of vulnerable parameters
The database with 174 reports

Account Takeover Case Study

The number of $20k+ reports in the account takeover case study absolutely shocked me! I knew there were a lot but I didn’t expect that many. In total, I studied reports worth $1,308,980.70 of bounties. Yes, over $1,3 million! And I liked the outcome of the case study equally as I liked this number. I think it’s the best case study I’ve written so far.

I also created a checklist based on those reports so that you know what things you should check for when hunting for account takeover bugs.

From this article you can learn:

What attacks are more lucrative – client-side or server-side?
How user interaction influences bounty amount?
What functionalities are most susceptible to account takeovers?
What are the most common ways to takeover an account?
Checklist – what to check for to find account takeovers
The report database

IDOR Case Study

IDORs are often recommended as the easy vulnerability class, good to start the bug hunting journey. “Just change the ID in the URL parameter” they say. But are they really that easy? Well, to find it out, I analysed 187 public bug bounty IDOR reports to see how are people really making money with IDORs.

From this article you can learn:

Where to look for IDORs?
What’s usually the impact of an IDOR?
What’s the most common place for a payload? (spoiler: it’s not the URL query!)
What are the most common identifier types?
How to predict the identifier?
Protection bypasses
Parameter wordlist
The database with 187 reports

And there's 9 more case studies...

Case studies

Available in days

days after you enroll

What do the users say?

ACCESS NOW

$299

Access to all the bug bounty case studies

Case studies teach you what really works in real-world bug bounty hunting. Each one breaks down a disclosed bug bounty writeup focused on a specific bug class. You’ll see how top hackers approach targets, chain bugs, and write reports that get rewarded. You also get access to a database of all the reports if you want to go deeper.

One-time payment grants lifetime access to all current case studies.

GRZEGORZ NIEDZIELA

I was a pentester but I made a decision to quit my job for bug bounty and creating content. I’m documenting my learning journey by creating the best materials about web-security in the form of this newsletter, Bug Bounty Reports Explained YouTube channel, Bug Bounty Reports Discussed podcast and all the other social media channels.