Open in app

Sign In

Write

Sign In

Ahmad A Abdulla
Ahmad A Abdulla

458 Followers

Home

About

Feb 19

For the first time in Kurdistan and Iraq, we organized a hacking AND CTF challenge conference

Hello, my name is Ahmed Abdullah we were able to organize a hacking conference for 3 days in Iraqi Kurdistan in Sulaimani, I am a hacker and researcher on the HackerOne platform lu3ky-13 During these three days, we were able to introduce HackerOne and HackerOne work to our people, especially…

Bugbounty Writeup

4 min read

For the first time in Kurdistan and Iraq, we organized a hacking AND CTF challenge conference
For the first time in Kurdistan and Iraq, we organized a hacking AND CTF challenge conference
Bugbounty Writeup

4 min read


Jan 9

bypass two-factor authentication in Android apps and web 1000$ TikTok

bypass two-factor authentication in Android apps and web All #TikTok Apps Edit descriptionwww.youtube.com #bugbounty #bug #bounty

Bug Bounty

1 min read

Bug Bounty

1 min read


Dec 24, 2022

How to earn $2500 a month through Bug bounty [Kurdish languages]

سەرەتا سلاوتان لێبێت من احمد عبدالله لە (سایبەر شێلد)دەمەوێت لەم نووسینەمدا باسی ئەوەتان بۆبكەم كە چۆن ببیتە بەگ باونتەریكی سەركەوتویان ببیت بە هاككریكی سەركەوتو دەزانم ئیستا كەدیت ئەم بابەتە ئەخوێنیتەوە ریك چاوت دەچیتەسەر ئەوبرە پارەیەی نووسیومە سەرەتا دەمەوێت بلیم ئەگەر تۆ ناتوانی بیتە ئەم جیهانە قوولە تكایە كاتی خۆت مەكوژە…

Bug Bounty

6 min read

How to earn $2500 a month through Bug bounty [Kurdish languages]
How to earn $2500 a month through Bug bounty [Kurdish languages]
Bug Bounty

6 min read


Oct 6, 2022

Mr. Robot: Self Xss from Informative to high 1200$ ,csrf, open redirect,self xss to stored

Mr. Robot: Self Xss from Informative to high 1200$ ,csrf, open redirect,self xss to stored Hello all bug bounty hunters sorry for any mistake if I forget something to use this writeup for your RECON or you’re RESEARCHING, I found 2 w 3 bugs with the same idea I submitted this bug to private programs but I changed everything here name website and panel and…

Bug Bounty

3 min read

Mr. Robot: Self Xss from Informative to high 1200$ ,csrf, open redirect,self xss to stored
Mr. Robot: Self Xss from Informative to high 1200$ ,csrf, open redirect,self xss to stored
Bug Bounty

3 min read


Apr 7, 2022

Multiple vulnerability leading to account takeover in TikTok SMB subdomain.

I’m here to tell you how I account takeover in TikTok I submitted this bug in HackerOne and I got 1000$ for this bug this domain’s third party and out of scope he pays bounty because it’s Critical bug First:- how did I find this domain? i take this URL…

Bug Bounty

3 min read

vulnerabilityMultiple vulnerability leading to account takeover in TikTok SMB subdomain.
vulnerabilityMultiple vulnerability leading to account takeover in TikTok SMB subdomain.
Bug Bounty

3 min read


May 4, 2021

How I Found Sql Injection on intensedebate.com (h1) in 5 minute $350

I’m here to tell you how I found SQL injection on this website at HackerOne just in 5 minutes and I got 350$ without any tools to recon just I used my mind and google search after 2 or 3 minutes I found a zip on a website like https://intensedebate.com/intensedebate.zip…

Bug Bounty

2 min read

How I Found Sql Injection on intensedebate.com (h1) in 5 minute $350
How I Found Sql Injection on intensedebate.com (h1) in 5 minute $350
Bug Bounty

2 min read


Mar 25, 2021

microsoft authenticator app bypass time-based stop otp refreshing

how i bypassed microsoft authenticator time-based stop otp refreshing funny POC my name is Ahmed a Abdulla I would like to report stop otp refreshing that allows to an attacker stop refreshing OTP in 30s and an attacker can brute force account and steal code login all account in one time an attacker can bypass 2FA via brute force cuz the refreshing OTP is stopped Microsoft authenticator I test on iPad mini 3 Version 12.4.9

Microsoft Authenticator

1 min read

microsoft authenticator app bypass time-based stop otp refreshing
microsoft authenticator app bypass time-based stop otp refreshing
Microsoft Authenticator

1 min read


Mar 11, 2021

How I Found Sql Injection on 8x8 , Cengage,Comodo,Automattic,20 company

How I Found Sql Injection on 8x8 , Cengage ,Comodo ,Automattic ,intel ,IBM ,MTN Group ,uis.cam.ac.uk ,volvocars.biz ,asus.com — What is SQL injection (SQLi)? SQL injection is a web security vulnerability that allows an attacker to interfere with the queries that an application makes to its database. It generally allows an attacker to view data that they are not normally able to retrieve. This might include data belonging to other users, or any other…

Bug Bounty

2 min read

How I Found Sql Injection on 8x8 , Cengage,Comodo,Automattic,20 company
How I Found Sql Injection on 8x8 , Cengage,Comodo,Automattic,20 company
Bug Bounty

2 min read


Mar 8, 2021

CVE-2019–17558: Apache Solr Vulnerable to Remote Code Execution Zero-Day Vulnerability

Background On October 29, a proof of concept (PoC) for a remote code execution (RCE) vulnerability in Apache Solr, a popular open-source search platform built on Apache Lucene, was published as a GitHub Gist. At the time this blog post was published, this vulnerability did not have a CVE identifier and…

Bug Bounty

2 min read

CVE-2019–17558: Apache Solr Vulnerable to Remote Code Execution Zero-Day Vulnerability
CVE-2019–17558: Apache Solr Vulnerable to Remote Code Execution Zero-Day Vulnerability
Bug Bounty

2 min read

Ahmad A Abdulla

Ahmad A Abdulla

458 Followers

https://twitter.com/lu3ky13|||||https://hackerone.com/lu3ky-13

Following
  • InfoSec Write-ups

    InfoSec Write-ups

  • Nikhil (niks)

    Nikhil (niks)

  • Sayed Abdelhafiz

    Sayed Abdelhafiz

  • Ahmad Halabi

    Ahmad Halabi

See all (7)

Help

Status

Writers

Blog

Careers

Privacy

Terms

About

Text to speech