Pratyush Anjan Sarangi | The Art of IDOR: 7 IDORs in Edm0d0 | Three duplicates and four rewards! | Sep 29, 2020
mrhavit | How I Found an Insecure Direct Object Reference in TikTok | Hello fellow security researchers and bug bounty hunters! | Jan 29, 2023
Gavin Kramer | One Bug at a Time: My First Paid Bug ($1,000 IDOR) | Hello all! Glad to see you back : ) Today I will be writing about my first paid bug, it has a funny story line so read along! | May 11, 2023
Abhisek R | Discovered a Critical IDOR and Earned $900 for My First P1 Vulnerability! | Hello Guys, It has been a very long time since I wrote a bug bounty write-up. Without any delay let’s get into it. | Jan 29, 2023
Mase289, in InfoSec Write-ups | Chaining password reset link poisoning, IDOR+account information leakage to achieve account… | While assessing a target web application for impactful vulnerabilities, a useful check to conduct might be looking through the… | Nov 10, 2020
Swapmaurya | 3 Step IDOR in HackerResume | Before moving forward with this blog if you don’t have any context over what IDOR is you can refer the same over here | Dec 3, 2022
Mukul Trivedi (M0hn1sh), in InfoSec Write-ups | All About Getting First Bounty with IDOR | Hello All, | Jun 23, 2020
BrownBearSec | What I learnt from reading 220* IDOR bug reports. | IDOR — Insecure Direct Object Reference, abuse of the lack of authentication at every stage. | Jan 25, 2022