/articles/2018-10/blind-xss-tokopedia-internal-panel-bahasa 2018-10-04T00:00:00+07:00 /articles/2019-01/how-i-hack-antihack-me 2019-01-11T00:00:00+07:00 /articles/2019-06/reflected-xss-on-error-page 2019-06-11T00:00:00+07:00 /articles/2019-08/aws-metadata-disclosure-via-hardcoded-host-download 2019-08-21T00:00:00+07:00 /articles/2019-09/exploiting-cookie-based-xss-by-finding-rce 2019-09-22T00:00:00+07:00 /articles/2019-10/xss-to-account-takeover 2019-10-29T00:00:00+07:00 /articles/2020-01/how-i-found-bug-google-search-console 2020-01-18T00:00:00+07:00 /articles/2020-06/unvalidated-redirect-parameter-tampering-acc-takeover 2020-06-14T00:00:00+07:00 /articles/2020-12/from-git-disclosure-to-remote-code-execution 2020-12-04T00:00:00+07:00 /articles/2021-05/ssrf-in-pdf-renderer-using-svg 2021-05-19T00:00:00+07:00 /articles/2021-06/local-file-read-via-error-based-xxe 2021-06-19T00:00:00+07:00 /articles/2025-01/cegah-website-tampilkan-konten-judol-dengan-cloudflare-worker 2025-01-15T00:00:00+07:00 /categories/ 2025-01-16T09:21:27+07:00 /tags/ 2025-01-16T09:21:27+07:00 /archives/ 2025-01-16T09:21:27+07:00 /term-of-use/ 2025-01-16T09:21:27+07:00 / /tags/bug-hunting/ /tags/hacking/ /tags/xss/ /tags/bahasa/ /tags/local-file-disclosure/ /tags/aws/ /tags/sql-injection/ /tags/rce/ /tags/csrf/ /tags/account-takeover/ /tags/google/ /tags/broken-access-control/ /tags/unvalidated-redirect/ /tags/parameter-tampering/ /tags/git-folder-disclosure/ /tags/file-upload/ /tags/php/ /tags/ssrf/ /tags/svg/ /tags/xxe/ /tags/java/ /tags/xliff/ /tags/cybersecurity/ /categories/bug-hunting/ /categories/cybersecurity/ /page2/