Coffin
@coffinxp7
🕵🏻♂️| ꜱᴇᴄᴜʀɪᴛʏ ʀᴇꜱᴇᴀʀᴄʜᴇʀ | ᴄᴏɴᴛᴇɴᴛ ᴄʀᴇᴀᴛᴏʀ | ᴡʀɪᴛᴇᴜᴘꜱ: https://coffinxp.medium.com/ |ᴡᴇʙꜱɪᴛᴇ: http://lostsec.xyz | ᴄᴏᴍᴍᴜɴɪᴛʏ: https://discord.gg/xTVU4jkScV
here we go! hope this helps every beginner trying to master the full recon to exploitation process. i’ve covered every step in detail and will be adding more soon..just a bit caught up with things right now. infosecwriteups.com/recon-to-maste…
30K strong! Thank you all for the insane love and support this means the world. Dropping something special very soon… stay tuned! 💥

100% For anyone who hasn't used them or is wondering where to start. Install this official extension: portswigger.net/bappstore/4127… It will let you easily import a bunch of BChecks (and Bambdas) submitted by the community to PortSwigger.
PolyCaptcha is a malicious CAPTCHA simulator that delivers dual-format PNG+EXE payloads disguised as image challenges, complete with clipboard poisoning and basic AV evasion. Curious to try it? 👇 🔗 PolyCaptcha: github.com/AnonKryptiQuz/… 🔗 I-Espresso: github.com/AnonKryptiQuz/…
infosecwriteups.com/pdf-js-arbitra…
Stored XSS via PDF File @coffinxp7 PDF Exploit
Premiering now A reading by @coffinxp7 ❤️ someone who I admire This Is Why You Should NEVER Ignore IDOR! - LostSec youtu.be/lCWgdm3H-OI
Thank you intigriti for the mention in your newsletter again ❤️
Latest Bug Bytes is live! 🚀 This month's issue is as usual packed with bug bounty tips: ✅ Exploiting Log4Shell (Log4J) in 2025 ✅ An indispensable GitHub recon tool (not the one you have in mind) ✅ Advanced WAF evasion techniques & much more! 😎 intigriti.com/researchers/bl…
If anyone needs help bypassing XSS WAFs, you should definitely reach out to him. he’s really skilled at it. I shared targets like MakeMyTrip and a few other sites with him and he did an amazing job.
When did Bugcrowd join Medium? 🧐
Thank you all for the love and support on my latest article on all platforms and your comments 🙌 Finally feels like the effort was worth it. I still have a lot to add. It wasn’t easy to organize everything in a single article, but I did my best so far. Retweet this to help all…
Jealousy, ego, greed, lust, and anger are the darkest traits of humanity. They corrupt the mind, poison the heart and ruin lives. Only by rising above them can we find true strength, peace and purpose..
Discovered a remote config injection in Swagger UI at a target in bugcrowd. Thanks🙏 @coffinxp7 for the tips and the payloads, ubarikiwe sana #bugbountytip #bugbountytip #CyberSecurity