سَلامٌ I’ll share In this write-up how I discovered my first €€€€ bounty. At first, I started with a basic manual recon because the program scope was just a set of URLs related to different servi...

Before Diving I’ll discuss with you how I found all users’ PII leaked via Microsoft SharePoint API. Firstly, what Is Microsoft SharePoint? Microsoft SharePoint Is a CMS (Content Management Syste...

CATEGORY: Web Difficulty: Easy Challenge Description: Are you able to retrieve the 6th character from the database? You can download the task source code from here → https://app.hackthebox.com/c...