Blog | kaisec

Latest Writeups & Articles

By : kaisec

JWTs for People Who Hunt Bugs, Not Blog Posts

Mar 17, 2026

Read Writeup

By : kaisec

Most Bug Bounty Writeups are Recycled: Real Bugs are Hiding in the Specs

Mar 17, 2026

Read Writeup

By : kaisec

Research

Replaced by a Goldfish

Mar 07, 2026

Read Writeup

By : kaisec

Bug Bounty

Stop Ignoring WebSockets — There Are P1s to Be Found

Mar 07, 2026

Read Writeup

By : kaisec

Bug Bounty

Hacking OAuth: The Direct Path to Account Takeover (ATO) Slug: hacking-oauth-account-takeover

Feb 27, 2026

Read Writeup

By : kaisec

CTF Writeup

XSS-Leak: Leaking Cross-Origin Redirects

Feb 26, 2026

Read Writeup

By : kaisec

Vulnerability Analysis

Google API Keys Weren't Secrets. But then Gemini Changed the Rules.

Feb 26, 2026

Read Writeup

By : kaisec

Bug Bounty

From Zero to Paid Hunter: The Counter-Intuitive Bug Bounty Roadmap for 2026 Slug: bug-bounty-roadmap-2026

Feb 26, 2026

Read Writeup

kaisec

Cybersecurity expert with 6 years of Full Stack Development experience. Specializing in Bug Bounty Hunting, CTFs, and AI-driven security research.

Active hunter on HackerOne, Bugcrowd, Intigriti, and YesWeHack.

Navigation

Services

Contact Us

+61 3 8376 6284
kaisec42@gmail.com
21 King Street Melbourne, 3000, Australia

Security Writeups

Latest Writeups & Articles

JWTs for People Who Hunt Bugs, Not Blog Posts

Most Bug Bounty Writeups are Recycled: Real Bugs are Hiding in the Specs

Replaced by a Goldfish

Stop Ignoring WebSockets — There Are P1s to Be Found

Hacking OAuth: The Direct Path to Account Takeover (ATO) Slug: hacking-oauth-account-takeover

XSS-Leak: Leaking Cross-Origin Redirects

Google API Keys Weren't Secrets. But then Gemini Changed the Rules.

From Zero to Paid Hunter: The Counter-Intuitive Bug Bounty Roadmap for 2026 Slug: bug-bounty-roadmap-2026

kaisec

Navigation

Services

Contact Us