Pentest Diaries – Hunting Bugs in HTTP Headers

Some time ago, I joined a bug bounty program of a household name brand, who shall remain anonymous throughout this article. This write-up documents a journey of finding and exploiting SQL injection in some unexpected places. To get started, I randomly chose one of the 47 domains which were in scope and decided to perform […]
