From Google Dorking to Information Disclosure

Photo by Christian Wiediger on Unsplash

This is a story about how I used google dorking to find sensitive information exposed in a private VDP program. This is a rather short story but I think it is quite interesting. So, I was like why not sharing it?

So, it was just another day of hunting. I was hunting on a private VDP program. Let’s call it redacted.com. I just started hunting on it. So, I was like why not try to find…

--

--

--

Cybersecurity, Part-time bug bounty hunter. Support me by subscribe: https://mikekitckchan.medium.com/membership. Ping me for online private tutoring.

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

SolDate: Solving the Problems

Introducing the CyberChimps NFTs — you could win a whitelist spot!

The HR Guide to Employee Data Protection

How Should the U.S. Respond to the SolarWinds and Microsoft Exchange Hacks?

Oblivious DNS Boosting privacy and aligning with CIA

Cross-Site Request Forgery (XSRF)

MultiVAC Monthly Report for February 2021

[Some Interesting] Cloud ‘n Sec news: 06th May 22

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
MikeChan

MikeChan

Cybersecurity, Part-time bug bounty hunter. Support me by subscribe: https://mikekitckchan.medium.com/membership. Ping me for online private tutoring.

More from Medium

From Simple Recon to Reflected XSS

2FA Bypass on private bug bounty program due to CSRF token misconfiguration

SVG based Stored XSS

A tale of zero click account takeover