In this blog, we will dive into the fundamentals of SSRF and explore how to exploit it to get bug bounties

This blog talks about what supply chain attacks are and how they affect all downstream users.

This is the last part of the Recon Series which focuses on automating the recon process

This is part 2 of a 3 part series explaining reconnaissance (recon) for bug bounty hunting. In part 2, we explained different recon methodologies.

This is part 1 of a 3 part series explaining reconnaissance (recon) for bug bounty hunting. In part 1, I explained diffe...

In this blog, we talk about how to prevent, exploit and find post message vulnerabilities for cross origin communication

This blog talks about the zero trust access model, its specifics and usual challenges faced by organisations in implementing it successfully

In this blog, we'll discuss JSON Web Tokens, the structure of JWT, and various vulnerabilities associated with JWTs

Techniques to bypass CSP , vulnerable attack scenarios and how to protect against them

In this blog, we'll explore the realms of bug bounty triage and report writing, providing you with valuable insights on ...

In this blog, we will dive into the fundamental concepts of GraphQL and explore its vulnerabilities to get bug bounties

As a part of our monthly CTF cycle we organised July Jigsaw CTF where over 400+ hackers participated to fight for the to...

In this blog, we talk about exposing one local port to the internet and using it to catch reverse shells like we would do in any local environment.

In this article, we will shed light on IDOR vulnerabilities, comprehensively examining the vulnerability itself, its roo...

As a part of our monthly CTF cycle we organized June Jeopardy CTF where over 350+ hackers participated to fight for the ...

In this blog post, we are going to solve two hard challenges of May Mayhem.

Discover the fundamentals of Single Sign-On (SSO) and gain a comprehensive understanding of the widely-used Security Assertion Markup Language (SAML).

In this article, we will try to explain about basics of XML, what is XML External Entity (XXE) injection, why it arises,...

Unlock the full potential of your bug bounty program with expert strategies. From defining clear objectives and offering...

In today's digital age, cybersecurity has become a top priority for businesses of all sizes. One effective way to identi...

Attack surface management is a critical component of cybersecurity that organizations must prioritize. It involves ident...

Learn about the rise of cyber attacks caused by misconfigurations and supply chain vulnerabilities, and how companies ca...

In the ever-evolving landscape of cybersecurity threats, it's critical to have a plan in place to safeguard sensitive da...

Join the Apollo Community of BugBase and unlock a world of possibilities! This blog will answer all your doubts and quer...

Continuous testing is an essential part of the software development process. It ensures that code changes are thoroughly...

"Are you a business or organization looking to improve your cybersecurity defenses? Capture The Flag (CTF) events may be...

Navigating the world of bug bounties can be confusing. Learn the key differences between public and private programs, an...

"Remote Code Execution (RCE) attacks are a serious threat to the security of any organization. These attacks allow hacke...

The traditional method of searching for vulnerabilities is penetration testing, wherein the tester is expected to find a...

Center's Ministry of Electronics and Information Technology (MeitY) recently tabled another version of the data protecti...

The majority of firms are not equipped to offer public bug rewards because they lack the essential protocols, have too m...

Continuous security testing is carried out to verify the security flaws that underlie your IT infrastructure and web app...

The first step in creating your programme brief, which you should undertake if you’ve decided that you and your business...

Vulnerability management is the continuous, systematic process of finding, analyzing, reporting on, managing, and addres...

The risks of cyber liability are evolving rapidly, with new risks emerging as technology advances and new regulations ar...

Cybersecurity breaches in critical infrastructure networks are increasing - appearing frequently in recent headlines. ...

Ransomware assaults have increased exponentially in recent years, and businesses everywhere need to be aware of the grow...

100X.VC-backed Cybersecurity marketplace by two college dropouts, BugBase raises US$500,000 in funding led by 2am VC

The BlackCat ransomware, also known as ALPHV, is a prevalent threat and a prime example of the growing ransomware-as-a-service (RaaS) gig economy.

A safe browser may hold different definitions in different domains. In general, a safe browser is one that has additiona...

Type juggling, often known as “type coercion,” is a PHP feature. This indicates that PHP will transform variables of var...

Burp, often known as Burp Suite, is a package of web application penetration testing tools developed by Portswigger.

Web applications frequently employ databases and rely on third-party web services to supply dynamic content.

Ngrok is a cross-platform program that uses the Internet to expose local server ports.

The technique of transforming a given key into another value is known as hashing. A mathematical algorithm is employed t...

BugBase is excited to announce that our platform is now certified and compliant with ISO 27001 standards

Cryptography is the technique of securing information and its communication through the use of algorithms

A distributed denial of service (DDoS) attack is a malicious attempt to disrupt the normal traffic of the target’s server

A bug bounty program is a deal offered by businesses and organizations in which cybersecurity experts can receive recogn...

Social Engineering is an act of manipulating a person to take any action that may or may not be in “target's” best interest.

The OSI Model (Open Systems Interconnection Model) is a conceptual framework used to describe the functions of a networking system.