Hacking a new web application from start to finish

Hello ethical hackers and bug bounty hunters! I’ve recently conducted a successful penetration testing against a web application built using Google Web Toolkit, and I want to share with you the process I followed and the bugs I found. Hopefully, this episode will inspire you to try harder during your own bug bounty hunting and penetration testing journey.

I will briefly explain what Google Web Toolkit is and what research has already been made around it. Then, I will explain why and how I built a Burp extension to help me during the penetration testing process. Finally, I will share with you some vulnerabilities I found, especially a cool one which required further effort. So stay with me as we smash this web application into pieces!

Read more details on https://thehackerish.com/hacking-a-google-web-toolkit-application/

Watch the Broken Access Control approach on https://youtu.be/TJQpOrtet8E

Read about IDOR on https://thehackerish.com/idor-explained-owasp-top-10-vulnerabilities/