appsecwriteups.com

Learning AppSec Through Android & Web Vulnerability Writeups

About Jivan Magare
Hi, I’m Jivan — a cybersecurity enthusiast deeply committed to protecting digital systems and information in an increasingly connected world. With hands-on experience in web application security, API penetration testing, Android and iOS app security, and thick client application testing, I specialize in identifying vulnerabilities and helping organizations strengthen their digital defenses. My mission is to make the internet a safer place by responsibly disclosing security issues and recommending effective remediation strategies. I'm currently diving deeper into Web 3.0 and iOS development to stay ahead in the ever-evolving tech landscape.

🛠️ Technical Skills

  • Web Technologies & Programming: HTML, CSS, JavaScript, Sass, PHP, MySQL, SQL, C, C++, Java, Bash Scripting, Python (Android & Web Development, iOS with Swift and SwiftUI)
  • Desktop Application Security & Thick Client Application Pentesting: Pentesting of Windows Executables (exe) and Standalone Applications.
  • Operating Systems: Linux, Unix, Windows

🏆 Recognitions

My contributions have earned me recognition in the Hall of Fame of several top-tier organizations, including: Apple (8x), Truecaller, Vimeo, Jio, Zoho, BugBase, VWO, NTUC Enterprise, and more — including private programs that remain confidential for security reasons.

How I Discovered a High-Severity IDOR Vulnerability in an Android Hotel Booking App and Earned a $80 Bounty
Posted in Android by Jivan Magare, May 9, 2025

Hi everyone, Jivan here! I'm back with another Android vulnerability report. In this write-up, I’ll walk…

How I Found an OTP Bypass Vulnerability in an Android App and Was Rewarded 150€ Euros as a Bounty
Posted in Android by Jivan Magare, May 9, 2025

Welcome to my very first bug bounty write-up! Hi, I'm Jivan — a passionate self-taught…

Copyright 2025 — appsecwriteups.com. All rights reserved.