- 2026-06-28
Hunting IDOR / BOLA in the Wild
A repeatable workflow for finding broken object-level authorization in modern APIs — from mapping object references to proving impact.
- 2026-06-12
A Recon Workflow That Actually Scales
Turning a wildcard scope into a prioritized attack surface without melting your VPS — passive first, resolve, probe, then triage.