CORS Misconfigurations: How Hackers Steal Your Cookies?
Portfolio: https://portfolio.medusa0xf.com/
Bug Bounty WriteUps: / medusa0xf

CORS misconfigs are low-effort, high-reward bugs that let apps leak session data if ignored. I'll show what these misconfigs actually do, real examples that make them dangerous, and how to spot them quickly.

Socials:
X: / medusa_0xf
Discord: / discord
LinkedIn: / insha-j-38b822225
Instagram: / medusa_0xf

Reports:
https://hackerone.com/reports/426165
https://hackerone.com/reports/758785
https://0xn3va.gitbook.io/cheat-sheet...

Timestamp:
Introduction: 0:00
What is Origin: 0:27
What is Same Origin: 0:52
Cross Origin and Headers: 1:29
Live Demo of Leaking Data: 2:48
Report 1: 7:58
Report 2: 11:53
Preflight & Cheatsheet: 13:41
Thoughts: 18:38

Music:
Lukrembo - Spaceship
Lukrembo - Apple tree
Lukrembo - Flower Cup
©Music provided by DreamWave Kingdom©
Watch the original movie here: 1983 SynthWave RetroWave [ No Copyright FR...

