20 Open Redirect Bugs in a Few Minutes

3 weeks ago 20

AbhirupKonwar



whoami ❓

I am Abhirup Konwar (aka LegionHunter). I work as a full-time bug hunter and part-time on personal malware development projects.🥷

I have reported over 1000 bugs on OpenBugBounty as well as on HackerOne and BugCrowd, along with numerous Hall Of Fame programs including NASA, American Systems (🥇Top 5 Bug Hunter) and self-hosted VDP + BBP, with bugs belonging to both the Client and Server Injection category, Sensitive Information Disclosure & Broken Access Control.

To put it in my own words: certain URL parameters are not properly sanitized by the web developer, so the value can be replaced with any malicious site and the link shared with victims for them to click on. It will look trusted to them, because novice users only verify whether the domain is legit or not; they won't check the parameter values as well :) This can lead to an instant JavaScript auto-download of malware on their system with cross-platform capabilities. Other basic examples include phishing pages or fake donation pages that exploit human emotions.

Legitimate Example🟢

https://domain.com/abc.php?redirect=https://sub.domain.com
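The paragraph above describes the root cause (a redirect parameter that is used without validation) and the legitimate example shows what a correct value looks like. The following Python is an added example, not code from the article or its author: it places the vulnerable pattern next to a hardened validator that only permits relative paths on the site or absolute URLs whose hostname is on an allowlist. The allowlist (domain.com and sub.domain.com) is taken from the legitimate example; the fallback home page https://domain.com/, the function names, and the evil.example hostnames in the comments are assumptions made for illustration.

```python
from urllib.parse import urlsplit, urljoin, parse_qs

# Hosts this application may redirect to (assumed; taken from the legitimate example above).
ALLOWED_HOSTS = {"domain.com", "sub.domain.com"}
# Where to send the user when the requested target is not acceptable (assumed).
APP_ORIGIN = "https://domain.com/"


def redirect_target_unsafe(param: str) -> str:
    """The bug class from the article: the parameter value is trusted verbatim,
    so any absolute URL supplied by the link's author becomes the Location."""
    return param


def redirect_target_safe(param: str, allowed_hosts=ALLOWED_HOSTS, app_origin=APP_ORIGIN) -> str:
    """Return a redirect target only if it is a same-site path or an absolute http(s)
    URL whose host is allowlisted; otherwise fall back to the application's home page."""
    if not param:
        return app_origin

    # Browsers treat backslashes as slashes in http(s) URLs, so normalise first;
    # otherwise a value like "/\evil.example" parses as a path here but as a
    # scheme-relative URL in the browser.
    candidate = param.replace("\\", "/")
    parts = urlsplit(candidate)

    if parts.scheme == "" and parts.netloc == "":
        # Path-only value such as "/account". A leading "//" would have produced a
        # non-empty netloc above, so it cannot reach this branch.
        if candidate.startswith("/") and not candidate.startswith("//"):
            return urljoin(app_origin, candidate)
        return app_origin

    # Anything that is not plain http(s) (javascript:, data:, scheme-relative "//host")
    # is rejected outright.
    if parts.scheme not in ("http", "https"):
        return app_origin

    # .hostname drops userinfo and the port and lowercases, so "https://domain.com@evil.example"
    # yields "evil.example". Compare exactly: "domain.com.evil.example" must not match.
    host = parts.hostname
    if host is None or host not in allowed_hosts:
        return app_origin
    return candidate


def resolve_redirect(request_url: str) -> str:
    """Pull the 'redirect' query parameter out of a full request URL (as in the
    article's example URL) and validate it with redirect_target_safe."""
    query = urlsplit(request_url).query
    param = parse_qs(query).get("redirect", [""])[0]
    return redirect_target_safe(param)


if __name__ == "__main__":
    # Constructed inputs: the first is the article's legitimate example, the rest are the
    # kinds of values a validator must refuse.
    samples = [
        "https://domain.com/abc.php?redirect=https://sub.domain.com",
        "https://domain.com/abc.php?redirect=https://evil.example",
        "https://domain.com/abc.php?redirect=//evil.example",
        "https://domain.com/abc.php?redirect=https://domain.com@evil.example",
        "https://domain.com/abc.php?redirect=/account",
    ]
    for url in samples:
        print(f"{url}\n  -> {resolve_redirect(url)}")
```

The exact-match comparison on the parsed hostname is the important design choice: prefix or substring checks (`startswith("https://domain.com")`, `"domain.com" in url`) are exactly what the lookalike, userinfo and backslash variants above are built to slip past, so the check has to operate on the parsed host, not on the raw string.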