Hacking Bumble Message API

This is being published with the permission of Bumble under the responsible disclosure policy. The vulnerability detailed in this blog post was found through hackerone’s bug bounty program and was closed with the help of the Bumble security team About Bumble: Bumble is a location-based social application that facilitates communication between interested users. Unlike its competition, Bumble adds some unique feature like ‘expiring matches’, ‘gender … Continue reading Hacking Bumble Message API

Kerberoasting 101 – A golden ticket to Disneyland

Imagine the best amusement park that you’ve heard of or ever been to. The plethora of rides they offer, the ambrosial food available at the food stalls, enthralling games to play, etc. But like all good things in this world, the amusement park, with all its rides and glory comes with a cost. One has to buy a ticket to get in, buy tokens to … Continue reading Kerberoasting 101 – A golden ticket to Disneyland