Report Writing Tips to Maximize Your Bounty
Medusa
Report Writing Tips to Maximize Your Bounty
8:41
How to Discover High-Paying IDOR Bugs in Real Apps?
Medusa
How to Discover High-Paying IDOR Bugs in Real Apps?
11:45
Bug Bounty Tip: Advanced GitHub Dorking for Maximum Results!
Medusa
Bug Bounty Tip: Advanced GitHub Dorking for Maximum Results!
16:43
Don’t Sleep on Race Conditions – Easy Miss, Big Impact
Medusa
Don’t Sleep on Race Conditions – Easy Miss, Big Impact
13:58
Unboxing the Trap: The Dependency Confusion Hack🎙 Snake Bytes Ep. 5: Package Trap
Medusa
Unboxing the Trap: The Dependency Confusion Hack🎙 Snake Bytes Ep. 5: Package Trap
11:33
Stop Ignoring These Business Logic Issues!
Medusa
Stop Ignoring These Business Logic Issues!
17:46
Hacking Blogs on Medium — Hits, Misses & WTF Moments
Medusa
Hacking Blogs on Medium — Hits, Misses & WTF Moments
23:25
Train Your XSS Muscles With Me!
Medusa
Train Your XSS Muscles With Me!
32:51
Exploiting Exact-match Cache Rules for Web Cache Deception | PortSwigger Lab | Explained
Medusa
Exploiting Exact-match Cache Rules for Web Cache Deception | PortSwigger Lab | Explained
13:04
Grafana CVE-2025-4123: How XSS + Open Redirect Led to Full Account Takeover
Medusa
Grafana CVE-2025-4123: How XSS + Open Redirect Led to Full Account Takeover
14:52
Exploiting Cache Server Normalization for Web Cache Deception | PortSwigger Lab | Explained
Medusa
Exploiting Cache Server Normalization for Web Cache Deception | PortSwigger Lab | Explained
10:14
How to Exploit Uncommon HTTP Headers for Hacking & Bug Bounties?
Medusa
How to Exploit Uncommon HTTP Headers for Hacking & Bug Bounties?
11:34
Mastering OAuth 2.0 Flows: Complete Guide + Security Testing Tips (Okta OAuth Playground)
Medusa
Mastering OAuth 2.0 Flows: Complete Guide + Security Testing Tips (Okta OAuth Playground)
29:40
Why Bug Bounty Hunters Still Check xmlrpc.php in 2025?
Medusa
Why Bug Bounty Hunters Still Check xmlrpc.php in 2025?
9:43
Exploiting Origin Server Normalization For Web Cache Deception | PortSwigger | Explained
Medusa
Exploiting Origin Server Normalization For Web Cache Deception | PortSwigger | Explained
10:13
Exploiting Path Delimiters for Web Cache Deception | PortSwigger Lab | Explained
Medusa
Exploiting Path Delimiters for Web Cache Deception | PortSwigger Lab | Explained
9:20
Exploiting Path Mapping For Web Cache Deception | PortSwigger Lab | Explained
Medusa
Exploiting Path Mapping For Web Cache Deception | PortSwigger Lab | Explained
4:28
Web Cache Deception Made Simple – What You Need to Know!
Medusa
Web Cache Deception Made Simple – What You Need to Know!
12:55
You Asked, I Answered: Anonymous Q&A And My Reaction 😳
Medusa
You Asked, I Answered: Anonymous Q&A And My Reaction 😳
22:04
This Tiny Upload Flaw = Full RCE on Tomcat?! (CVE-2025-24813 Deep Dive)
Medusa
This Tiny Upload Flaw = Full RCE on Tomcat?! (CVE-2025-24813 Deep Dive)
11:19
GraphQL Attacks in the Wild: IDOR, SQLi & More | PART 2
Medusa
GraphQL Attacks in the Wild: IDOR, SQLi & More | PART 2
22:27
How Bug Hunters Map GraphQL APIs? | PART 1
Medusa
How Bug Hunters Map GraphQL APIs? | PART 1
17:28
Bug Bounty Recon: Shadow APIs, Zombie Endpoints & How to Find Them?
Medusa
Bug Bounty Recon: Shadow APIs, Zombie Endpoints & How to Find Them?
15:25
Epic Infosec Week!
Medusa
Epic Infosec Week!
4:45
This Web Application is COOKED! Can we fix it?
Medusa
This Web Application is COOKED! Can we fix it?
37:32
Bug Bounty Hunters, Can You Beat This Quiz?
Medusa
Bug Bounty Hunters, Can You Beat This Quiz?
16:59
When 'Access Denied' Fails: Weird Authorization Bugs!
Medusa
When 'Access Denied' Fails: Weird Authorization Bugs!
11:59
Explaining Random H1 Reports for 20 Minutes Straight!
Medusa
Explaining Random H1 Reports for 20 Minutes Straight!
22:19
Testing for Password Reset Poisoning in APIs – A Bug Hunter’s Guide
Medusa
Testing for Password Reset Poisoning in APIs – A Bug Hunter’s Guide
12:00
OWASP API Top 10 Breakdown | Study Session with CTF Challenges (DVAPI)
Medusa
OWASP API Top 10 Breakdown | Study Session with CTF Challenges (DVAPI)
48:15
Authentication Bypass Via JKU Header Injection | JWT Hacking
Medusa
Authentication Bypass Via JKU Header Injection | JWT Hacking
6:20
Authentication Bypass Via JWK Header Injection | JWT Hacking
Medusa
Authentication Bypass Via JWK Header Injection | JWT Hacking
9:05
Subdomain Enumeration ALL KINDS!
Medusa
Subdomain Enumeration ALL KINDS!
9:36
Hunting Open Redirects: A Pathway to Chaining XSS
Medusa
Hunting Open Redirects: A Pathway to Chaining XSS
7:59
Unmasking the Ghost: The CWE-352 Dilemma🎙 Snake Bytes Ep. 4: Web Ghosts
Medusa
Unmasking the Ghost: The CWE-352 Dilemma🎙 Snake Bytes Ep. 4: Web Ghosts
10:24
Web Cache Poisoning: Hunting Methodology & Real-World Examples
Medusa
Web Cache Poisoning: Hunting Methodology & Real-World Examples
11:24
The Danger of CWE-922 🎙 Snake Bytes Ep. 3: Data Dumpster
Medusa
The Danger of CWE-922 🎙 Snake Bytes Ep. 3: Data Dumpster
9:22
Loose Locks: A Podcast with _smile_hacker_ 🎙 : Snake Bytes Ep. 2
Medusa
Loose Locks: A Podcast with _smile_hacker_ 🎙 : Snake Bytes Ep. 2
19:02
How Missing Keys Leave Your Castle Open🎙 Snake Bytes Ep. 1: Barrier Bypass
Medusa
How Missing Keys Leave Your Castle Open🎙 Snake Bytes Ep. 1: Barrier Bypass
7:09
How To Exploit SSRF To Fetch AWS Credentials
Medusa
How To Exploit SSRF To Fetch AWS Credentials
9:07
OWASP API Top 10 - Broken Authentication
Medusa
OWASP API Top 10 - Broken Authentication
8:45
XSS Using Indirect Prompt Injection | PART 5
Medusa
XSS Using Indirect Prompt Injection | PART 5
6:17
LLM API Hacking | Indirect Prompt Injection in LLM APIs | PART 4
Medusa
LLM API Hacking | Indirect Prompt Injection in LLM APIs | PART 4
10:10
LLM API Hacking | OS Command Injection in LLM APIs | PART 3
Medusa
LLM API Hacking | OS Command Injection in LLM APIs | PART 3
8:45
LLM API Hacking | Excessive Agency | PART 2
Medusa
LLM API Hacking | Excessive Agency | PART 2
5:50
LLM API Hacking | Introduction | PART 1
Medusa
LLM API Hacking | Introduction | PART 1
5:04
HTTP Parameter Pollution VS Mass Assignment
Medusa
HTTP Parameter Pollution VS Mass Assignment
8:42
IDOR In Shopify GraphQL API | Report Explained
Medusa
IDOR In Shopify GraphQL API | Report Explained
4:03
Server-Side Parameter Pollution in REST APIs
Medusa
Server-Side Parameter Pollution in REST APIs
14:29
Exploring Server-Side Parameter Pollution: Real Case Scenario, Parameter Precedence, and More!
Medusa
Exploring Server-Side Parameter Pollution: Real Case Scenario, Parameter Precedence, and More!
15:17
Performing CSRF exploits over GraphQL
Medusa
Performing CSRF exploits over GraphQL
13:28
Bypassing GraphQL Brute-Force Protections
Medusa
Bypassing GraphQL Brute-Force Protections
11:58
Finding a Hidden GraphQL Endpoint
Medusa
Finding a Hidden GraphQL Endpoint
9:02
Accidental Exposure of Private GraphQL Fields
Medusa
Accidental Exposure of Private GraphQL Fields
10:16
Accessing Private GraphQL Fields
Medusa
Accessing Private GraphQL Fields
7:46
Exploiting Mass Assignment Vulnerability in API | PortSwigger
Medusa
Exploiting Mass Assignment Vulnerability in API | PortSwigger
5:25
How Can Fuzzing Help You Find Hidden API Endpoints?
Medusa
How Can Fuzzing Help You Find Hidden API Endpoints?
9:18
How Hackers Exploit API Endpoints Using Documentation?
Medusa
How Hackers Exploit API Endpoints Using Documentation?
7:13
How To Perform DOS Attack in GraphQL | Circular Relationship | Prevention
Medusa
How To Perform DOS Attack in GraphQL | Circular Relationship | Prevention
6:26
How Broken Functionality Level Authorization Occurs? | Code Analysis and Prevention
Medusa
How Broken Functionality Level Authorization Occurs? | Code Analysis and Prevention
8:51
How to Discover API Subdomains? | Subdomain Enumeration | API Hacking
Medusa
How to Discover API Subdomains? | Subdomain Enumeration | API Hacking
5:26
How Mass Assignment Gives You Admin Privileges? | APIs | Code Examples |
Medusa
How Mass Assignment Gives You Admin Privileges? | APIs | Code Examples |
9:24
JWT authentication bypass via 'X-HTTP-Method-Override' Header
Medusa
JWT authentication bypass via 'X-HTTP-Method-Override' Header
3:14
How BOLA in API Endpoint can lead to Account Takeover | Postman | API Security
Medusa
How BOLA in API Endpoint can lead to Account Takeover | Postman | API Security
4:38
Bypass JWT Authentication By Bruteforcing Secret Key | PortSwigger |
Medusa
Bypass JWT Authentication By Bruteforcing Secret Key | PortSwigger |
6:54
Bypass JWT Signature via Flawed Authentication | Access Admin Panel |
Medusa
Bypass JWT Signature via Flawed Authentication | Access Admin Panel |
5:57
Exploiting Stored XSS in GraphQL | DVGA |
Medusa
Exploiting Stored XSS in GraphQL | DVGA |
3:43
Exploiting Command Injection in GraphQL | DVGA |
Medusa
Exploiting Command Injection in GraphQL | DVGA |
5:03
Exploiting SQL Injection in GraphQL | DVGA |
Medusa
Exploiting SQL Injection in GraphQL | DVGA |
7:00
Graphql Endpoint Analysis | Damn Vulnerable Graphql Application |
Medusa
Graphql Endpoint Analysis | Damn Vulnerable Graphql Application |
17:21
TryHackMe: Wireshark Basics | Part 3 |
Medusa
TryHackMe: Wireshark Basics | Part 3 |
13:40
TryHackMe: Wireshark Basics | Part 2 |
Medusa
TryHackMe: Wireshark Basics | Part 2 |
10:50
TryHackMe: Wireshark Basics | Part 1 |
Medusa
TryHackMe: Wireshark Basics | Part 1 |
13:09
Phases of Penetration Testing | WebApp Pentest | Privilege Escalation
Medusa
Phases of Penetration Testing | WebApp Pentest | Privilege Escalation
19:14
XXE Injection to Database Takeover | CVE-2021-29447 | RCE |
Medusa
XXE Injection to Database Takeover | CVE-2021-29447 | RCE |
13:53
Exploiting SQL Injection in API Endpoint | API Hacking | crAPI
Medusa
Exploiting SQL Injection in API Endpoint | API Hacking | crAPI
5:24
Exploiting Mass Assignment Vulnerability | API Hacking | crAPI
Medusa
Exploiting Mass Assignment Vulnerability | API Hacking | crAPI
5:22
Broken Object Level Authorization | Excessive Data Exposure | crAPI
Medusa
Broken Object Level Authorization | Excessive Data Exposure | crAPI
7:09
Exploiting Rate Limiting to Brute-Force OTP | crAPI |
Medusa
Exploiting Rate Limiting to Brute-Force OTP | crAPI |
8:22
Discovering API and Analyzing Endpoints Using Postman and Browser | crAPI |
Medusa
Discovering API and Analyzing Endpoints Using Postman and Browser | crAPI |
14:42
How to Install crAPI in Kali Linux | OWASP | API Testing |
Medusa
How to Install crAPI in Kali Linux | OWASP | API Testing |
3:27
Exploiting File Upload To Get a Root Shell | Hacker vs Hacker | CTF
Medusa
Exploiting File Upload To Get a Root Shell | Hacker vs Hacker | CTF
15:34
PentesterLab Recon Challanges From 16-20 | CTF |
Medusa
PentesterLab Recon Challanges From 16-20 | CTF |
4:03
Installation and Usage of Subjack | Subdomain Takeover | Kali Linux Tool
Medusa
Installation and Usage of Subjack | Subdomain Takeover | Kali Linux Tool
3:11
PentesterLab Recon Challanges From 11-15 | CTF |
Medusa
PentesterLab Recon Challanges From 11-15 | CTF |
5:47
Create your Own Hash Cracking Tool Using Python | With Slides | Explained
Medusa
Create your Own Hash Cracking Tool Using Python | With Slides | Explained
9:36
Create your Own Port Scanning Tool Using Python | With Slides | Explained
Medusa
Create your Own Port Scanning Tool Using Python | With Slides | Explained
9:55
Create Your Own Subdomain Enumeration Tool Using Python | With Slides | Explained
Medusa
Create Your Own Subdomain Enumeration Tool Using Python | With Slides | Explained
8:10
PROMPT.ML | 0x9 | XSS Challange | Level 9 | Explained
Medusa
PROMPT.ML | 0x9 | XSS Challange | Level 9 | Explained
2:34
PROMPT.ML | 0x8 | XSS Challange | Level 8 | Explained
Medusa
PROMPT.ML | 0x8 | XSS Challange | Level 8 | Explained
5:30
PROMPT.ML | 0x7 | XSS Challange | Level 7 | Explained
Medusa
PROMPT.ML | 0x7 | XSS Challange | Level 7 | Explained
3:47
PROMPT.ML | 0x6 | XSS Challange | Level 6 | Explained
Medusa
PROMPT.ML | 0x6 | XSS Challange | Level 6 | Explained
8:03
PROMPT.ML | 0x5 | XSS Challange | Level 5 | Explained
Medusa
PROMPT.ML | 0x5 | XSS Challange | Level 5 | Explained
2:38
PROMPT.ML | 0x4 | XSS Challange | Level 4 | Explained
Medusa
PROMPT.ML | 0x4 | XSS Challange | Level 4 | Explained
5:34
PROMPT.ML | 0x3 | XSS Challange | Level 3 |
Medusa
PROMPT.ML | 0x3 | XSS Challange | Level 3 |
0:52
PROMPT.ML | 0x2 | XSS Challange | Level 2 | Explained
Medusa
PROMPT.ML | 0x2 | XSS Challange | Level 2 | Explained
2:58
PROMPT.ML | 0x1 | XSS Challange | Level 1 | Explained
Medusa
PROMPT.ML | 0x1 | XSS Challange | Level 1 | Explained
1:58
PROMPT.ML | 0x0 | XSS Challange | Level 0 | Explained
Medusa
PROMPT.ML | 0x0 | XSS Challange | Level 0 | Explained
1:16
How to install gau tool and use it | Fetch URLS | Github
Medusa
How to install gau tool and use it | Fetch URLS | Github
3:23