Ahmed Najeh – Medium

Ahmed Najeh

Discovered 30 BOLA + IDOR vulnerabilities in a single subdomain (BBP).

In this article, I’ll walk you through how I identified over 30 BOLA (Broken Object Level Authorization) and IDOR (Insecure Direct Object…

Dec 30, 2024

Discovered 30 BOLA + IDOR vulnerabilities in a single subdomain (BBP).

Dec 30, 2024

How to Make Money with WebSocket: 10 Vulnerabilities You Should Be Aware Of

What is WSS?

Dec 23, 2024

How to Make Money with WebSocket: 10 Vulnerabilities You Should Be Aware Of

Dec 23, 2024

Identifying and Exploiting SQL Injection Vulnerabilities

### How to Search for SQL Injection Vulnerabilities (High-Scope Method)

Aug 14, 2024

Identifying and Exploiting SQL Injection Vulnerabilities

Aug 14, 2024

Silk road to Bug Hunting

Windows Fundamentals

Mar 24, 2024

Silk road to Bug Hunting

Mar 24, 2024

3000$ Blind Xss Hijack admin panel

Hi 😊

Jan 19, 2024

3000$ Blind Xss Hijack admin panel

Jan 19, 2024

How did I get 3300$ With Just FFUF!!

By searching inside one of the Bitcoin platforms I found there a place to document accounts by sending documents such as ID or passport…

Jul 2, 2023

How did I get 3300$ With Just FFUF!!

Jul 2, 2023

EZ 100$ with Change the account name after authenticating it

Hello, I found out that it is possible to change the name of the account after creating it This feature is not available on the site…

Apr 9, 2023

EZ 100$ with Change the account name after authenticating it

Apr 9, 2023

Content length restriction bypass can lead to DOS

You specified while sending a message that did not specify the size of the text being sent This problem may lead to a defect

Feb 21, 2021

Content length restriction bypass can lead to DOS

Feb 21, 2021

Ahmed Najeh

Ahmed Najeh

ذو العَقلِ يَشقَى في النّعيمِ بعَقْلِهِ وَأخو الجَهالَةِ في الشّقاوَةِ يَنعَمُ https://hackerone.com/im4x https://web.facebook.com/im4xx/

Help
Status
About
Careers
Press
Blog
Privacy
Terms
Text to speech
Teams