https://herish.me/blog/starting-to-write-blogs-cybersecurity-journey/ 2025-08-28T18:01:19.317Z monthly 0.5 https://herish.me/privacy-policy/ 2025-09-05T00:00:00.000Z yearly 0.4 https://herish.me/terms-of-service/ 2025-09-05T00:00:00.000Z yearly 0.4 https://herish.me/blog/0cl-request-smuggling/ 2025-09-09T15:47:00.000Z monthly 0.5 https://herish.me/blog/sqli-where-clause-hidden-data/ 2025-09-23T22:06:00.000Z monthly 0.5 https://herish.me/blog/the-ultimate-guide-to-sql-injection-sqli/ 2025-10-05T16:00:00.000Z monthly 0.5 https://herish.me/blog/sqli-login-bypass/ 2025-10-06T18:00:00.000Z monthly 0.5 https://herish.me/blog/sqli-union-column-count/ 2025-10-07T16:31:00.000Z monthly 0.5 https://herish.me/blog/sqli-union-find-text-column/ 2025-10-08T17:05:00.000Z monthly 0.5 https://herish.me/blog/sqli-union-retrieve-data/ 2025-10-09T17:00:00.000Z monthly 0.5 https://herish.me/blog/sqli-union-multi-values-single-column/ 2025-10-10T17:00:00.000Z monthly 0.5 https://herish.me/blog/sqli-database-type-version/ 2025-10-11T17:00:00.000Z monthly 0.5 https://herish.me/blog/sqli-list-database-contents/ 2025-10-12T17:00:00.000Z monthly 0.5 https://herish.me/blog/sqli-blind-conditional-responses/ 2025-10-13T17:00:00.000Z monthly 0.5 https://herish.me/blog/sqli-blind-conditional-errors/ 2025-10-14T17:00:00.000Z monthly 0.5 https://herish.me/blog/sqli-visible-error-based/ 2025-10-15T17:00:00.000Z monthly 0.5 https://herish.me/blog/sqli-blind-time-delays/ 2025-10-16T17:00:00.000Z monthly 0.5 https://herish.me/blog/sqli-blind-oob-interaction/ 2025-10-17T17:00:00.000Z monthly 0.5 https://herish.me/blog/sqli-blind-oob-exfiltration/ 2025-10-18T17:00:00.000Z monthly 0.5 https://herish.me/blog/sqli-filter-bypass-xml-encoding/ 2025-10-19T17:00:00.000Z monthly 0.5 https://herish.me/blog/sqli-oracle-db-version/ 2025-10-20T17:00:00.000Z monthly 0.5 https://herish.me/blog/sqli-oracle-listing-database-contents/ 2025-10-21T17:00:00.000Z monthly 0.5 https://herish.me/blog/sqli-blind-time-delays-basic/ 2025-10-22T17:00:00.000Z monthly 0.5 https://herish.me/blog/bounty-xss-sidefx-messaging/ 2025-10-23T17:00:00.000Z monthly 0.5 https://herish.me/blog/idor-bug-bounty-burp-suite/ 2025-10-24T17:00:00.000Z monthly 0.5 https://herish.me/blog/bac-unauthorized-pension-removal/ 2025-10-25T17:00:00.000Z monthly 0.5 https://herish.me/blog/0click-account-takeover-punycode/ 2025-10-26T17:00:00.000Z monthly 0.5 https://herish.me/blog/race-condition-double-signup/ 2025-10-27T17:00:00.000Z monthly 0.5 https://herish.me/blog/earn-1k-month-info-disclosure/ 2025-10-28T17:00:00.000Z monthly 0.5 https://herish.me/blog/xss-bug-hope-250/ 2025-10-29T16:59:00.000Z monthly 0.5 https://herish.me/blog/bac-easy-130-user-to-admin/ 2025-10-30T05:00:00.000Z monthly 0.5 https://herish.me/blog/ai-defend-vs-hackers-pentesters-reality/ 2025-10-31T17:00:00.000Z monthly 0.5 https://herish.me/blog/otp-bypass-500-duplicate-lesson/ 2025-11-01T17:01:00.000Z monthly 0.5 https://herish.me/blog/403-bypass-1000-bounty/ 2025-11-02T17:00:00.000Z monthly 0.5 https://herish.me/blog/lfi-to-rce-5000-bounty/ 2025-11-03T17:00:00.000Z monthly 0.5 https://herish.me/blog/authbypass-password-reset-4000-bounty/ 2025-11-04T17:00:00.000Z monthly 0.5 https://herish.me/blog/authbypass-null-role-admin-takeover/ 2025-11-05T17:00:00.000Z monthly 0.5 https://herish.me/blog/parameter-tampering-zero-eur-bug/ 2025-11-06T17:00:00.000Z monthly 0.5 https://herish.me/blog/xss-url-waf-bypass/ 2025-11-07T17:00:00.000Z monthly 0.5 https://herish.me/blog/auth-reset-flow-broken-validation/ 2025-11-08T17:00:00.000Z monthly 0.5 https://herish.me/blog/local-api-rebinding-mcp/ 2025-11-09T17:00:00.000Z monthly 0.5 https://herish.me/blog/xss-unsafe-eval-dom/ 2025-11-10T17:00:00.000Z monthly 0.5 https://herish.me/blog/idor-master-key/ 2025-11-11T17:00:00.000Z monthly 0.5 https://herish.me/blog/ai-model-extraction-training-data-heist/ 2025-11-12T17:00:00.000Z monthly 0.5 https://herish.me/blog/access-control-apocalypse-broken-permissions/ 2025-11-13T17:00:00.000Z monthly 0.5 https://herish.me/blog/vision-api-privacy-leakage/ 2025-11-14T17:00:00.000Z monthly 0.5 https://herish.me/blog/prompt-injection-pandemonium/ 2025-11-15T17:00:00.000Z monthly 0.5 https://herish.me/blog/voice-assistant-eavesdropper/ 2025-11-16T17:00:00.000Z monthly 0.5 https://herish.me/blog/access-control-403-bypass/ 2025-11-17T17:00:00.000Z monthly 0.5 https://herish.me/blog/privilege-escalation-token-forgery/ 2025-11-18T17:00:00.000Z monthly 0.5 https://herish.me/blog/cloud-azure-speech-api-key-exposure/ 2025-11-19T17:00:00.000Z monthly 0.5 https://herish.me/blog/dom-xss-nasa-hacking-story/ 2025-11-20T17:00:00.000Z monthly 0.5 https://herish.me/blog/ssrf-gitlab-import-url-internal-network-probing/ 2025-11-21T17:00:00.000Z monthly 0.5 https://herish.me/blog/auth-bypass-hardcoded-otp-government-app/ 2025-11-22T17:00:00.000Z monthly 0.5 https://herish.me/blog/stripe-subscription-escalation-default-payment-behavior/ 2025-11-23T17:00:00.000Z monthly 0.5 https://herish.me/blog/cache-poisoning-case-studies-part-1-foundational-attacks/ 2025-11-24T17:00:00.000Z monthly 0.5 https://herish.me/blog/cache-poisoning-case-studies-part-2-advanced-cloud-framework-attacks/ 2025-11-25T17:00:00.000Z monthly 0.5 https://herish.me/blog/cache-poisoning-case-studies-part-3-oauth-api-gateway-supply-chain/ 2025-11-26T17:00:00.000Z monthly 0.5 https://herish.me/blog/spark-ar-rce-package-postinstall/ 2025-11-27T17:00:00.000Z monthly 0.5 https://herish.me/blog/idor-pii-exposure-6-million-users/ 2025-11-28T17:00:00.000Z monthly 0.5 https://herish.me/blog/cloudflare-origin-ip-bypass-misconfiguration/ 2025-11-29T17:00:00.000Z monthly 0.5 https://herish.me/blog/reflected-xss-account-takeover-analysis/ 2025-11-30T17:00:00.000Z monthly 0.5 https://herish.me/blog/idor-400-bad-request-document-name-disclosure/ 2025-12-01T17:00:00.000Z monthly 0.5 https://herish.me/blog/modern-recon-ai-hunting/ 2025-12-02T17:00:00.000Z monthly 0.5 https://herish.me/blog/oauth-authentication-bypass-pii-exposure-analysis/ 2025-12-03T17:00:00.000Z monthly 0.5 https://herish.me/blog/ssrf-chatgpt-custom-actions-azure-metadata/ 2025-12-04T17:00:00.000Z monthly 0.5 https://herish.me/blog/bugbounty-program-wins-researcher-loses/ 2025-12-05T17:00:00.000Z monthly 0.5 https://herish.me/blog/identity-hijacking-email-schema-validation-bug/ 2025-12-06T17:00:00.000Z monthly 0.5 https://herish.me/blog/401-error-information-disclosure/ 2025-12-07T17:00:00.000Z monthly 0.5 https://herish.me/blog/cloud-storage-misconfiguration-ctf-storage-showdown-remastered/ 2025-12-08T17:00:00.000Z monthly 0.5 https://herish.me/blog/ctf-sql-truncation-account-duplication/ 2025-12-09T17:00:00.000Z monthly 0.5 https://herish.me/blog/react2shell-cve-2025-55182-cve-2025-66478-explained/ 2025-12-10T17:00:00.000Z monthly 0.5 https://herish.me/blog/slowloris-dos-nodejs-cve-2018-12122-cve-2019-5739/ 2025-12-11T17:00:00.000Z monthly 0.5 https://herish.me/blog/lfi-cloud-single-parameter-catastrophe/ 2025-12-12T17:00:00.000Z monthly 0.5 https://herish.me/blog/reflected-xss-global-gaming-platform-case-study/ 2025-12-13T17:00:00.000Z monthly 0.5 https://herish.me/blog/idor-enumeration-image-download-filename-prediction/ 2025-12-14T17:00:00.000Z monthly 0.5 https://herish.me/blog/business-logic-account-entrapment-team-name-bypass/ 2025-12-15T17:00:00.000Z monthly 0.5 https://herish.me/blog/bug-bounty-mistakes-before-first-bounty/ 2025-12-16T17:00:00.000Z monthly 0.5 https://herish.me/blog/how-to-get-your-first-cve-as-a-beginner/ 2025-12-17T17:00:00.000Z monthly 0.5 https://herish.me/blog/broken-auth-email-preferences-business-logic/ 2025-12-18T17:00:00.000Z monthly 0.5 https://herish.me/blog/idor-predictable-filenames-image-download/ 2025-12-19T17:00:00.000Z monthly 0.5 https://herish.me/blog/graphql-privilege-escalation-editor-to-owner/ 2025-12-20T17:00:00.000Z monthly 0.5 https://herish.me/blog/websec-content-security-policy-complete-guide/ 2025-12-21T17:00:00.000Z monthly 0.5 https://herish.me/blog/yelp-xss-cookie-smuggling-account-takeover/ 2025-12-22T17:00:00.000Z monthly 0.5 https://herish.me/blog/how-to-test-for-idor-practical-methodology/ 2025-12-23T17:00:00.000Z monthly 0.5 https://herish.me/blog/response-manipulation-business-logic-flaws/ 2025-12-24T17:00:00.000Z monthly 0.5 https://herish.me/blog/blind-xss-rockstar-games-admin-panel/ 2025-12-25T17:00:00.000Z monthly 0.5 https://herish.me/blog/five-bounties-one-ssrf-multiple-bypass-techniques/ 2025-12-26T17:00:00.000Z monthly 0.5 https://herish.me/blog/file-inclusion-vulnerabilities-bug-bounty/ 2025-12-27T17:00:00.000Z monthly 0.5 https://herish.me/blog/cve-2025-64446-fortiweb-rce-analysis/ 2025-12-28T17:00:00.000Z monthly 0.5 https://herish.me/blog/reset-password-poisoning-host-header/ 2025-12-29T17:00:00.000Z monthly 0.5 https://herish.me/blog/csrf-vulnerability-high-bounty-full-breakdown/ 2025-12-30T17:00:00.000Z monthly 0.5 https://herish.me/blog/idor-unauthorized-access-user-pii/ 2025-12-31T17:00:00.000Z monthly 0.5 https://herish.me/blog/nasa-appreciation-letter-cve-2025-0133-xss/ 2026-01-01T17:00:00.000Z monthly 0.5 https://herish.me/blog/header-based-idor-client-controlled-account-id/ 2026-01-02T17:00:00.000Z monthly 0.5 https://herish.me/blog/critical-idor-university-student-data-exposure/ 2026-01-03T17:00:00.000Z monthly 0.5 https://herish.me/blog/email-verification-bypass-full-organization-takeover/ 2026-01-04T17:00:00.000Z monthly 0.5 https://herish.me/blog/info-disclosure-revive-adserver-verbose-errors/ 2026-01-11T17:00:00.000Z monthly 0.5 https://herish.me/about/ 2026-01-11T17:03:17.509Z monthly 0.7 https://herish.me/blog/ 2026-01-11T17:03:17.517Z daily 0.9 https://herish.me/contact/ 2026-01-11T17:03:17.517Z monthly 0.7 https://herish.me/ 2026-01-11T17:03:17.517Z weekly 1.0