Quick write-ups and things I think are interesting https://rhynorater.github.io Solving healthcare as a full-time bug bounty hunter in the US - Hacker Healthcare - USA I’d say that one of the most common problems that prevent successful bug bounty hunters from quitting their day job is that, in the USA, your healthcare is nearly always tied to your job. As such, when you quit your job to become self-employed, you will... Mon, 17 Oct 2022 00:00:00 -0700 https://rhynorater.github.io/Hacker-Healthcare https://rhynorater.github.io/Hacker-Healthcare a brief postMessage testing methodology - postMessages postMessage-related bugs have landed me some serious bounties during the past couple live hacking events. Here is a quick summary of what you need to know about postMessage: According to the docs, postMessages “safely enables cross-origin communication between Window objects.” Whenever we see “cross-origin” as a hacker, our ears... Mon, 10 Oct 2022 00:00:00 -0700 https://rhynorater.github.io/postMessage-Braindump https://rhynorater.github.io/postMessage-Braindump Unauthenticated Full-Read SSRF in Grafana - While doing some security research on Grafana for bug bounty, I discovered that by chaining together some redirects and a URL Parameter Injection bug, it is possible to achieve a full-read, unauthenticated, SSRF on any Grafana instance ranging from version 3.0.1 - 7.0.1. The Grafana advisory for this bug can... Sat, 01 Aug 2020 00:00:00 -0700 https://rhynorater.github.io/CVE-2020-13379-Write-Up https://rhynorater.github.io/CVE-2020-13379-Write-Up What do these creds do anyway? - One of the most common ways to escalate an SSRF in an AWS Cloud environment is the (mis)use of the AWS Metadata API. This API allows for the vulnerable EC2 Machine to gain access to information about itself by accessing an HTTP API at the http://169.254.169.254. The normal route is... Fri, 31 Jul 2020 00:00:00 -0700 https://rhynorater.github.io/AWS-Metadata-Identity-Credentials https://rhynorater.github.io/AWS-Metadata-Identity-Credentials Where to get started in bug bounty - One of the questions I get all the time is How do I get started in bug bounty? While I really enjoy teaching and mentoring, it is not possible for me to provide tailored guidance for each and every one of you. I will gladly point you in the right... Mon, 12 Aug 2019 00:00:00 -0700 https://rhynorater.github.io/Beginners-Resources https://rhynorater.github.io/Beginners-Resources