Researchers’ Blog

Hunting for secrets in bug bounty targets

Hacking Tools

October 5, 2025

It is no secret that bug bounty hunters who spend lots of time on information gathering are always rewarded well for their efforts. As developers continue to unintentionally push secrets to production or to other public-facing resources, hunting for secrets remains invaluable for security researcher

Hunting for SSRF vulnerabilities in Next.js targets

Hacking Tools

September 28, 2025

Next.js is a powerful open-source React framework that enables developers to build fast, interactive, and SEO-friendly web applications. With almost 13 million weekly downloads via NPM, and being complex by nature, the framework is a prime target for unfriendly intruders. In this article, w

Intigriti Bug Bytes #228 - September 2025 🚀

Bug Bytes

September 12, 2025

Hi hackers, welcome to the latest edition of Bug Bytes! In this month’s issue, we’ll be featuring: A common (yet unknown) SSRF attack vector in Next.js Middleware; Exploiting PDF processors by generating and uploading malicious PDF payload files; A full reconnaissance breakdown on how to approach

Hacking plugin ecosystems: A complete guide

Hacking Tools

September 2, 2025

Add-on (or plugin) ecosystems unlock an entirely new world of integration possibilities while also extending what developers can build on the platform. However, in practice, finding the right balance between adding extensibility and maintaining security often proves to be difficult. The root caus

August CTF challenge: Exploiting SSRF via NextJS Middleware

Hacking Tools

August 27, 2025

At Intigriti, we hold monthly web-based Capture The Flag (CTF) challenges as a way to engage with the security research community. This month's challenge, presented by @0xblackbird, featured an interesting server-side request forgery (SSRF) vulnerability affecting web applications that make use of t

Intigriti Bug Bytes #227 - August 2025 🚀

Bug Bytes

August 15, 2025

Hi hackers, welcome to the latest edition of Bug Bytes! In this month’s issue, we’ll be featuring: Evading WAFs like Cloudflare, Akamai & AWS Cloudfront; Creating your complete bug bounty automation system; A powerful, targeted backup file scanner; Bypassing CSP to achieve XSS via a cool trick w

Hacking misconfigured Firebase targets: A complete guide

Hacking Tools

August 13, 2025

Google Firebase is a popular back-end application development platform that provides several built-in components and services, allowing developers to seamlessly build interactive web and mobile applications. But as with any development platform and framework, security always proves to be difficult.

Identifying the server's origin IP behind popular reverse proxies

Hacking Tools

July 29, 2025

Most of your targets resort to using content delivery networks (CDNs) or other anti-DDoS reverse proxies to mask their origin IP, protecting the origin server from possible (injection) attacks while also improving content delivery speed. However, when access is misconfigured, it makes it possi

Intigriti Bug Bytes #226 - July 2025 🚀

Bug Bytes

July 18, 2025

Hi hackers, welcome to the latest edition of Bug Bytes! In this month’s issue, we’ll be featuring: Exploiting Log4Shell (Log4J) in 2025; An indispensable GitHub recon tool (not the one you have in mind); A repository full of bug bounty tips, resources and tools; One of the most comprehensive gui

GitHub dorking for beginners: How to find more vulnerabilities using GitHub search

Hacking Tools

July 13, 2025

Bug bounty hunters who spend time in content discovery and reconnaissance are always rewarded well for their efforts, as they often come across untested and hidden assets or endpoints. GitHub dorking is another way to leverage public search engines to discover hidden assets, endpoints and even secre

Exploiting Log4Shell (Log4J) in 2025

Hacking Tools

June 29, 2025

It's been a few years since Log4Shell, an injection attack in Log4J Apache logging software, struck thousands of companies around the world. And despite all the efforts organisations took to patch this critical flaw in their systems, some web services running in 2025 are still vulnerable to Log4

SSTI: A complete guide to exploiting advanced server-side template injections

Hacking Tools

June 15, 2025

Server-side template injection (SSTI) vulnerabilities remain present in modern applications as developers continue to struggle with implementing proper input validation everywhere. And yet, despite this fact, bug bounty hunters still occasionally overlook this injection vulnerability class,

Intigriti Bug Bytes #225 - June 2025 🚀

Bug Bytes

June 13, 2025

Hello hackers, welcome to the latest edition of Bug Bytes! In this month’s issue, we’ll be featuring: Becoming an Intigriti Pentester; Exploiting CORS in 2025 (even when SameSite is set to ‘Strict’); A forgotten tool to quickly score new hidden endpoints (right before you close Burp Suite); 12 API h

Discovering hidden parameters: An advanced guide

Hacking Tools

June 3, 2025

Reconnaissance plays an integral part in bug bounty hunting, and hidden parameter discovery plays an even more crucial role, as hidden parameters are often left with inadequate validation. This usually makes these types of parameters more susceptible to common injection vulnerabilities such as SQLi, XSS, IDORs and even c

Intigriti Bug Bytes #224 - May 2025 🚀

Bug Bytes

May 23, 2025

Hello Hackers 👋 Spring is in the air, and so is the sweet scent of freshly reported bugs. Intigriti’s blooming too—each month, we squad up with elite hackers to drop hot tips, platform news, shiny new programs, and community events you won’t want to miss. Let’s make this bug season one for the boun

CREST accreditation reinforces Intigriti’s pentesting excellence

News

May 20, 2025

Intigriti, a global crowdsourced security provider, is delighted to announce that it is now CREST accredited. Who is CREST? CREST, a globally recognised not-for-profit authority in cyber security, rigorously assesses organisations against stringent standards for quality, technical proficiency, and o

CORS: A complete guide to exploiting advanced CORS misconfiguration vulnerabilities

Hacking Tools

May 18, 2025

CORS misconfiguration vulnerabilities are a highly underestimated vulnerability class. With an impact ranging from sensitive information disclosure to facilitating SSRF attacks, this client-side security vulnerability should always be part of your security testing. In this article, we will explore t

Introducing assets: a first step to a more centralized approach

Product Updates

May 14, 2025

We’re pleased to share a significant new change to our platform for companies.  Our goal is to empower our customers with clear, actionable insights into their attack surface. We aim to create a platform where managing your digital footprint is intuitive, collaboration is effective, and understandin

Q1 2025 platform updates: What's new & how it helps you

Product Updates

April 30, 2025

As we have entered Q2 2025, let's dive into key improvements and new features introduced on the Intigriti platform in Q1, the value they bring, and how they positively impact your operation. Refined control for companies  Intigriti has rolled out several new features, designed to provide organizatio

NoSQLi: A complete guide to exploiting advanced NoSQL injection vulnerabilities

Hacking Tools

April 27, 2025

NoSQL injections are relatively easier to exploit than classic SQL injections. However, developers often overlook these vulnerabilities, mainly due to limited awareness. Additionally, false beliefs among software engineers that NoSQL databases inherently resist injection attacks further increase the