Cookies are not evil. Let’s not be too harsh. You wouldn’t be hare-brained about cookies if you knew what they were built for.

Cookies are small pieces of data that a website (web server) sends to your browser to be stored on your computer’s hard disk. The next time you make a request to the same website, your browser sends the cookie along with the request, so the website can identify you.

Stay with me, I’ll break this down and explain.

This was originally published on my newsletter “FourZeroThree”. You could subscribe to get posts straight to your inbox → https://fourzerothree.substack.com.


High level view of concepts explained through sketches!

WHAT IS PRIVATE BROWSING? WHAT IT DOES!

Private browsing saves you from local privacy threats, like if someone gets physical access to your machine.

WHAT PRIVATE BROWSING DOES NOT DO!

Private browsing does not make you anonymous - your IP address is always logged by the website you visit! Your geo-location is known.


What it is, how it works, its need, and weaknesses

Passwords are the most common and fundamental means of authentication in most services on the internet. You provide your password, let’s say, to a web application to verify who you claim to be. But what if somebody had your password and claimed to be you? So, assuming your password could be hacked, why not have another factor that helps an application verify it is indeed you?

Using another factor of verification besides a password gives you an extra layer of security. …


Email, however old compared to social media or other forms of communication the internet has made possible, is here to stay. Email, a method used for both business and personal communication, is quick, reliable, convenient, and free/cheap. It is by far the most preferred form of communication on the internet.

Of course you have an email address. Almost everyone using the internet has one. Given the number of applications you may register with using your email address, you must know what “Burner Emails” are, why you should use them, and how they could protect your privacy.


Of course, you know what a URL is, don’t you? The string of text that appears on the address bar of your browser? But do you know how a URL is structured? Wait, before you think knowing that is not necessary, let me tell you, this knowledge could help you be secure when faced with certain malicious situations.

A quick shout out! I also created a “video version” of the article. If you are the visual type, I recommend watching…


Passwords are the most common and fundamental means of authentication in most services on the internet. You provide your password, let’s say, to a web application in order to verify who you claim to be. But let’s get real, how many passwords are you going to commit to memory, given the shed-load of web/mobile services you use?

A quick shout out! I also created a short “video version” of the article. It may not have every detail written in…


When I am frustrated about not knowing what to do or not finding enough bugs, I try to help my cause by introspecting and making an attempt towards “upping” my game. Part of this introspection is in trying to actively identify knowledge gaps and skills. (For the sake of sounding tangled) I make up for these skill gaps by running “learning experiments”.

You see, self-learning something like web app hacking can be difficult because there is no set step by step path. You read, practice, hunt/hack and keep running this cycle. …


In the beginning everyone’s crap at bug bounty hunting. Apart from all the obvious reasons why, the lack of detailed notes and an organized methodology may also contribute to this. Let me, however, right at the start of this article, reiterate that this is solely my opinion. This piece is from subjective experience and may differ from person to person.

The need for notes and an organized methodology

As a beginner, doing bug bounty hunting for the last 7 months, I have realized there is a need for a solid bug hunting methodology and note making to up my bug bounty game. So, why is this?

Well, all of…


It’s fascinating how life has its twisted plots. I am an Oral Pathologist by education, an Entrepreneur by profession and here I am giving a shot at writing an article on my bug bounty hunting/web app hacking journey!! I know it sounds crazy but it’s amazing how much you could learn and do if you put your mind to something. However, I would be digressing here. I’ll write more on this some other time.

So, what’s the deal with this blog post?

Well, this article is an attempt to run through my personal journey so far, in learning web app hacking and bug bounty hunting. But why would…

Sanketh Sharath

Dentist | Entrepreneur | Bug bounty enthusiast | I also write/host “FourZeroThree” a newsletter on Internet security https://fourzerothree.substack.com
