Persistence is the Key to Success.🔥


Hey everyone! I hope you all are doing well!

Rohit Soni is back with another write-up, and this time it’s about a critical SSRF which leads to AWS credentials disclosure. Let’s dive into it without wasting time.

A couple of months back, when the whole world was in lockdown due to the COVID-19 pandemic, I was spending most of my time hunting, learning and exploring new stuff (specifically about pentesting😜).

One day, while scrolling my LinkedIn feed, I saw one guy’s post saying he got into the hall of fame on the target.com website. …


Can browser extension get you high severity vulnerabilities?

shodan.io also known as hacker’s search engine

Hey everyone! I hope you all are doing well!

Rohit Soni is back with another write-up, and this time it is about how the Shodan browser extension helped me to get a high severity vulnerability while hunting on moviexchange.com. I hope you will enjoy :-)

So, here is my little story….

While roaming the LinkedIn feed, I came to know that moviexchange has a responsible disclosure policy and that they add individuals to their “Security Researcher Hall of Fame” for reporting a valid vulnerability.

I took a look at the scope and saw that all subdomains are in scope — *.moviexchange.com…


A short story behind how I got into the hall of fame at teamster.app by finding my first broken link hijacking in just two minutes.

Hey everyone! I hope you all are doing well!

I am Rohit Soni and this is my first write-up. I hope you will enjoy :-)

First of all, what is broken link hijacking?

Broken Link Hijacking (BLH) exists whenever a target links to an expired domain or page. In simple terms, Broken Link Hijacking is the process of finding expired links and exploiting them.

Wondering how to find broken/expired links?

Read this amazing blog written by Edoverflow: https://edoverflow.com/2017/broken-link-hijacking/

Rohit Soni

I am just a random bug bounty hunter who is passionate about learning more and more….🔥
