heroxo9868

Available for immediate withdrawal€470

Professional Bio

Crafting your researcher identity starts here. Edit your settings to add a bio.

Documented

Writeups

Cheatsheets

Tools

Featured Content

Insecure Direct Object Reference (IDOR) (CWE-639)FREE

IDOR leads Unauthorized Staff Member Removal via Insufficient Authorization Checks

Missing authorization checks allow unauthorized users to remove staff members from accounts they do not own, leading to potential disruption and abuse.

heroxo9868

130

Mar 17, 2026

CVSS6.5

€470

Improper Access Control - Generic (CWE-284)FREE

2FA Bypass Despite Fix via Manual Injection of isVerifyAuth Cookie in Local Storage

After an initial 2FA bypass vulnerability was “fixed” by removing the isVerifyAuth cookie from local storage, the application still trusted this value if it existed.

heroxo9868

Mar 17, 2026

CVSS4.8

OtherFREE

Automated Pentesting with Claude AI

Claude is effective at automated discovery and structured testing, but has notable blind spots; its ability to recognize what it missed adds value.

heroxo9868

Mar 17, 2026

LogicalBreach Academy

heroxo9868

Professional Bio

Featured Content

IDOR leads Unauthorized Staff Member Removal via Insufficient Authorization Checks

2FA Bypass Despite Fix via Manual Injection of isVerifyAuth Cookie in Local Storage

Automated Pentesting with Claude AI