FROM INTERNET 1)CVE-2023-41763 Business Elevation of Privilege vulnerability on [.mtn.com] https://hackerone.com/reports/2309291 2)Possible to enumerate valid files in password protected shares/files drop shares as well as spam folder with files https://hackerone.com/reports/2376909 3)Bug Bounty Hunting: Web Vulnerability (API Testing) https://medium.com/@muhammad4208/bug-bounty-hunting-web-vulnerability-api-testing-96a49acc4f35 4)Finding Hidden API Keys, Tokens, and Sensitive Information in Applications https://osintteam.blog/finding-hidden-api-keys-tokens-and-sensitive-information-in-applications-d8a40a5a162a 5)BITSCTF 2025 WriteUp | STELK_CSC https://hack4funacademy.medium.com/bitsctf-2025-stelk-csc-b2baf7d3327f 6)Exploiting SSTI in Flask to Forge Admin Sessions: CTF “Birthday Card” Writeup of Pragyan CTF’25 By NIT, Trichy. https://medium.com/@baraiprince0111/exploiting-ssti-in-flask-to-forge-admin-sessions-ctf-birthday-card-writeup-of-pragyan-ctf25-by-d3343ca7add2 7)Broker walk-through HTB https://medium.com/@mu.aktepe18/broker-walk-through-htb-5c30900dccf5 Daily Writeups Here: https://whatsapp.com/channel/0029VaxVv551iUxRku094918 8)try hack me — GamingServer https://dedfish404.medium.com/try-hack-me-gamingserver-4ee8158d9303 9)Explaining Random H1 Reports for 20 Minutes Straight! https://www.youtube.com/watch?v=I0H50idt0ug 10)grep-backURLs - Automated way to extract juicy info with subfinder and waybackurls https://github.com/gigachad80/grep-backURLs Daily Writeups Here: https://whatsapp.com/channel/0029VaxVv551iUxRku094918 #bug #bugs #bugbounty #bugbountytip #bugbountytips #hacking #hacker #ethicalhacking #ethicalhacker #ethicalhackers #cybersecurity