API Hunting to Employee PII Data
Summary: the author shares an API bug-hunting experience: after enumerating a company's subdomains with subfinder, he finds and explores a newly created subdomain, ghost.company.com.

2026-3-15 14:17:16 Author: infosecwriteups.com Reads: 10

Fuzzing on APIs

SIDDHANT SHUKLA



Hunters🐺,

I have a new API hacking write-up to share with you. This one is really crazy because it took only a few hours to find this API bug. You can read about my other API bugs:

I am not consistent with my hunting write-ups because of my recent job, but thanks to whoever is reading them.

Introduction

Just after submitting an API bug to my regular bug bounty program, I decided to look for a bug bounty program run by one of my favourite brands, and it turns out they have a self-hosted bug bounty program.

I picked the company's main domain and ran subfinder to quickly enumerate its subdomains:

subfinder -d company.com --all --recursive | anew subs.txt

I got a lot of subdomains, but one of them looked interesting; let's call it ghost.company.com. I quickly opened it in my browser, and it turned out to be a very new subdomain of this company.
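The reason the pipeline above ends in anew rather than sort -u is that anew keeps state between runs: it appends only lines that are not already in subs.txt and echoes just those, so a freshly created host like ghost.company.com stands out on the next enumeration. The script below, added here as an illustration and not part of the original write-up, reproduces that behaviour with POSIX tools so it can be run offline; the host names are constructed, and the function name new_subs is my own.

```shell
#!/bin/sh
# Added example (not from the write-up): emulate "subfinder ... | anew subs.txt"
# so that only subdomains never seen before are printed and recorded.
#
# Usage: <subdomain list on stdin> | new_subs known.txt
# Each host is lowercased, trailing dots are stripped, blanks dropped, and the
# current run is deduplicated before comparing against the known list.
new_subs() {
    known="$1"
    touch "$known"
    tr 'A-Z' 'a-z' | sed 's/\.$//' | grep -v '^$' | sort -u \
        | while IFS= read -r host; do
            # Exact, fixed-string, whole-line match against the known file.
            if ! grep -Fxq "$host" "$known"; then
                printf '%s\n' "$host" >> "$known"   # remember it
                printf '%s\n' "$host"               # and report it as new
            fi
        done
}

# Demo with constructed data: a first enumeration, then a second one in which
# a single new host (ghost.company.com) has appeared. Prints only that host.
demo_new_subs() {
    dir=$(mktemp -d)
    printf 'www.company.com\nAPI.company.com\nmail.company.com.\n' \
        | new_subs "$dir/subs.txt" > /dev/null
    printf 'www.company.com\napi.company.com\nghost.company.com\n' \
        | new_subs "$dir/subs.txt"
    rm -rf "$dir"
}
```

Running demo_new_subs prints only ghost.company.com; the three hosts from the first pass are already in subs.txt and are suppressed, which is exactly the signal a hunter wants when re-running enumeration against a program over time.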


Source: https://infosecwriteups.com/api-hunting-to-employee-pii-data-638866e3f494?source=rss----7b722bfd1b8d---4