Writeups
Structured vulnerability reports and technical documentation from authorized testing.
Vulnerability Report
Brute-Force Vulnerability — Missing Rate Limiting
Authentication endpoint with no rate limiting, allowing unlimited login attempts. Identified during authorized internship testing.
High Severity
Read Full Report →
Vulnerability Report
Improper Server-Side Input Validation
Missing server-side validation on user_type field accepted arbitrary values through direct API requests, affecting data integrity.
Medium Severity
Read Full Report →