Pratyush Anjan Sarangi | The Art of IDOR: 7 IDORs in Edm0d0 | Three duplicates and four rewards! | Sep 29, 2020
mrhavit | How I Found an Insecure Direct Object Reference in TikTok | Hello fellow security researchers and bug bounty hunters! | Jan 29, 2023
Gavin Kramer | One Bug at a Time: My First Paid Bug ($1,000 IDOR) | Hello all! Glad to see you back : ) Today I will be writing about my first paid bug, it has a funny story line so read along! | May 11, 2023
Abhisek R | Discovered a Critical IDOR and Earned $900 for My First P1 Vulnerability! | Hello Guys, It is been a very long time since I wrote a bug bounty write-up. Without any delay let’s get into it. | Jan 29, 2023
Mase289 in InfoSec Write-ups | Chaining password reset link poisoning, IDOR+account information leakage to achieve account… | While assessing a target web application for impactful vulnerabilities, a useful check to conduct might be looking through the… | Nov 10, 2020
Swapmaurya | 3 Step IDOR in HackerResume | Before moving forward with this blog if you don’t have any context over what IDOR is you can refer the same over here | Dec 3, 2022
Mukul Trivedi (M0hn1sh) in InfoSec Write-ups | All About Getting First Bounty with IDOR | Hello All, | Jun 23, 2020
BrownBearSec | What I learnt from reading 220* IDOR bug reports. | IDOR — Insecure Direct Object Reference, abuse of the lack of authentication at every stage. | Jan 25, 2022