- Intro to IDOR
- IDOR Playlist by XSS rat
- IDOR vulnerability automation using Autorize and AutoRepeater
- Finding Your First Bug: Manual IDOR Hunting
- How I made 1k in a day with IDORs! (10 Tips!)
- Why Your IDORs Get NA’d, Cookies Explained
- Automating IDORS with Autorize
- How To: Find IDOR (Insecure Direct Object Reference) Vulnerabilities for large bounty rewards
- How critical is IDOR vulnerability?
- How to find more IDORs
- Everything You Need to Know About IDOR (Insecure Direct Object References)
- All About IDOR Attacks
- IDOR in editing courses
- Insecure Direct Object References Reset Password
- InvisionApp IDOR
- Kinja IDOR Poc
- IDOR vulnerability in Hackerone
- IDOR explained
- All About Getting First Bounty with IDOR
- Hunting Insecure Direct Object Reference Vulnerabilities for Fun and Profit (PART-1)
- Hunting Insecure Direct Object Reference Vulnerabilities for Fun and Profit (PART 2)
- Make IDOR great again!
- IDOR Vulnerability – Exploit, Types and Mitigation
- Exploitation Against IDOR Vulnerability
- IDOR in Google APIs
- A Short Story of IDOR To Account Takeover
- Insecure Direct Object Reference within Amadeus Check-in Application
- IDOR (at Private Bug Bounty Program) that could Leads to Personal Data Leaks
- Sessions-Based Insecure Direct Object Reference (IDOR) allowing unauthenticated user profile access
- IDOR to add secondary users in www.paypal.com/businessmanage/users/api/v1/users
- IDOR allow access to payments data of any user
- idor allows you to delete photos and album from a gallery
- IDOR allows any user to edit others videos
- Singapore - Account Takeover via IDOR
- IDOR when editing users leads to Account Takeover without User Interaction at CrowdSignal
- I.D.O.R To Order,Book,Buy,reserve On YELP FOR FREE (UNAUTHORIZED USE OF OTHER USER'S CREDIT CARD)
- IDOR in the https://market.semrush.com/
- IDOR leads to Edit Anyone's Blogs / Websites
- IDOR for order delivery address
#Two Factor Authenication Bypass
- Bypassing the Protections — MFA Bypass Techniques for the Win
- 2FA Bypass Techniques Mindmap
- 5 ways attackers can bypass two-factor authentication
- 4 Methods to Bypass two factor Authentication
- 2FA/OTP Bypass
- Using Session Puzzling to Bypass Two-Factor Authentication
#Cross-site Scripting (XSS)
- Apple Bug bounty writeups XSS(2021)
- XSS Through Parameter Pollution
- Exploiting XSS via Markdown on Xiaomi
- Reflected DOM-based XSS on DomaiNesia
- How I found Cross-Site-Scripting (Reflected) on more than 300 systems!
- Telegram bug bounties: XSS, privacy issues, official bot exploitation and more…
- How I was able to inject XSS payload into any user's mailbox
- XSS via Exif Data - The P2 Elevator
- How I earned $$$$ through Stored XSS
- How I got 9000 USD by hacking into iCloud
- Stored XSS on the DuckDuckGo search results page