The Art Of Zendesk Hijacking

The Art Of Zendesk Hijacking

Back in July 2023, I was testing a HackerOne Private Program [ let’s call this target xyz.com ] and this target scope was pretty limited. The scope was – xyz.com admin.xyz.com api.xyz.com The subdomain admin.xyz.com looks interesting and I quickly used search.censys.io to look for any beta or dev environment for this admin subdomain using the query […]

Subdomain Hijacking Of Any Qwilr’s Customer

First Happy new year to fellow Hackers, I was planning to write on my blog regularly for the last few months, but I could not do that due to my lack of time and laziness. So here’s a new year gift for you guys ? Back in October 2022, I was testing a really old […]