🏡Welcome To @crypyt0g30rgy WriteUps
  • Blog
  • Labs WriteUps
  • Contacts
Owning half of a government assets through AWS

Owning half of a government assets through AWS

2022-12-20
Account takeover via misconfigured SSO [OIDC] implementation

Account takeover via misconfigured SSO [OIDC] implementation

2023-09-08
Auth Bypass Via Exposed Credentials

Auth Bypass Via Exposed Credentials

2022-10-07
My s3 bugs so far...

My s3 bugs so far...

2024-08-27
Battling Parasoft DTP :: Default Creds to RCE

Battling Parasoft DTP :: Default Creds to RCE

2024-03-11
Getting AWS s3 file Write/OverWrite from Cognito

Getting AWS s3 file Write/OverWrite from Cognito

2023-06-20
Idor that resulted to Account takeover

Idor that resulted to Account takeover

2023-11-29
Compromising custom AWS infra API [read/write access] from a clientId & clientSecret

Compromising custom AWS infra API [read/write access] from a clientId & clientSecret

2023-07-27
From an Innocent api-key to PII data

From an Innocent api-key to PII data

2023-02-29
JBOSS :: From Default Creds to RCE

JBOSS :: From Default Creds to RCE

2023-09-13
The Bug That Kept On Giving :: PaymentBypass :: QR CODE

The Bug That Kept On Giving :: PaymentBypass :: QR CODE

2022-3-12
The Bug That Kept On Giving :: PaymentBypass :: Eposed Return Url

The Bug That Kept On Giving :: PaymentBypass :: Eposed Return Url

2022-4-5
The Bug That Kept On Giving :: PaymentBypass :: Response Manipulation

The Bug That Kept On Giving :: PaymentBypass :: Response Manipulation

2022-16-12
The SSRF that Brought down a Server

The SSRF that Brought down a Server

2023-01-07
The Samaritan Bug

The Samaritan Bug

2021-10-04
The Spring Of Secrets

The Spring Of Secrets

2024-12-08
Let me Unmask my next 👻

Let me Unmask my next 👻

2022-02-22
Idor: I know where you live

Idor: I know where you live

2024-10-18
My First Bug

My First Bug

2021-10-04
Whoami

Whoami

2021-10-04
Why jijo

Why jijo

2020-12-10
© 28/1/2025 crypt0g30rgy blog