User Profile

Me

venom

About

No information has been set by the researcher

Recognised by

None listed.

venom's challenge statistics

View Researcher Activity

11 total submissions

6 accepted

0 rejected




Easy Find the vulnerable parameter and try beat the XSS filter!

I couldn't use the traditional methods of stopping XSS because of the way my application works. Because of this i've had to create a "strict" filter to stop malicious attackers and help...
Category: Cross Site Scripting (XSS)
Completed on 10-07-2019

Easy This developer didn't realise people could view the HTML source. What can you find?

Note: This challenge just requires you to have a keen eye. Look carefully! Firstly, this developer hid his admin panel at a random subdomain he didn't think anyone could find. Because of this...
Category: Test your recon
Completed on 10-07-2019

Easy/medium Your scanner just found include.html - but what does the javascript do?

This is a re-created bug I recently found on a public bugbounty program. My scanner was hunting for interesting subdomains&files and I noticed one interesting subdomain which contained nothing...
Category: Cross Site Scripting (XSS)
Completed on 09-07-2019

Easy/medium FastFoodHackings - Is our new profile updater secure?

**Note** For this challenge you will need an account on https://www.bugbountytraining.com/FFH/ _____ Thanks again for everyone helping us test our site and let us know where we are making...
Category: idor
Completed on 11-07-2019

Easy/medium Can you bypass the Open URL redirect filter?

Try not to overthink this one. Even though a website sometimes tell you how a function SHOULD function, sometimes it doesn't always do that. Look at what request is being sent, and can anything be...
Category: openurl
Completed on 10-07-2019

Medium Blind testing - debug mode

This one will require a bit of thinking. It's designed to be a complete blackbox so you have no idea what it's looking for but using information on the page and basic understanding of HTTP requests...
Category: Cross Site Scripting (XSS)
Completed on 10-07-2019