Powerful $1000 Bug Bounty Guide: Discover Hidden Endpoints in JavaScript JS Files

By Satyam Pawale (@hackersatty). Introduction: If you’re a bug bounty hunter, JavaScript (JS) files should be your best friends. They’re often overlooked but loaded with critical clues like hidden API endpoints, …

IDOR Vulnerability Exploited: 2025 Bug Bounty Case Study on Broken Access Control & Privilege Escalation

By Satyam Pawale (@hackersatty). About Me: Hello all! My name is Satyam Pawale, or simply @hackersatty within the bug bounty space. I started my cybersecurity journey in …

Privilege Escalation in GraphQL – 1 Shocking Real-World Bug Bounty Exploit

GraphQL is an awesome query language for APIs, letting you grab exactly the data you need. But without tight security, its flexibility can backfire. During a test, I found a flaw in a GraphQL endpoint (think sample paths like /graphql or /graphql.json). A user with a “finance” role token could tweak requests to sneak into admin-level data—yikes! The server skipped privilege checks, opening the door to unauthorized access. Hackersatty is here to break it down!

© 2025 Hacker Satty - Ethical Hacking & Bug Bounty