@zseano
UK Security Researcher



A site containing various blog posts, tutorials, tools and information regarding working with me.

Blog Posts

Read more blogs on BugBountyForum

View - XSS via XML post

Sending an XML payload to achieve XSS. This will only work if the site doesn't verify the Content-Type.

View - Open URL redirects to grab Facebook OAuth Tokens

An old post of mine detailing how to use open URL redirects to grab a user's Facebook OAuth token, to then achieve potential account takeover. I've also written a tutorial on this.

View - Stored XSS "domain takeover"

A cool find that let us inject stored XSS into a cookie value which was reflected on every page. This was essentially a "domain takeover" since we could inject into every page, redirecting users to our site, changing content persistently, etc.

View - CSRF bypass on xvideos

I saw xvideos had some CSRF protection in place for commenting which just looked for the Referer: header. An old post of mine showing how I bypassed that.

View - One company, 262 bugs, 100% acceptance

An old post written in February 2017 detailing my recent success on a Bugcrowd program. One key take-away is how IDOR is so overlooked yet it can have devastating impacts (such as being able to reveal ~millions of users' personal data).