Hacking a new web application from start to finish


Update: 2020-06-04

Description

Hello ethical hackers and bug bounty hunters! I’ve recently conducted a successful penetration test against a web application built using Google Web Toolkit, and I want to share with you the process I followed and the bugs I found. Hopefully, this episode will inspire you to try harder during your own bug bounty hunting and penetration testing journey.


I will briefly explain what Google Web Toolkit is and what research has already been done around it. Then, I will explain why and how I built a Burp extension to help me during the penetration testing process. Finally, I will share with you some vulnerabilities I found, especially a cool one which required further effort. So stay with me as we smash this web application into pieces!




Read more details on https://thehackerish.com/hacking-a-google-web-toolkit-application/


Watch the Broken Access Control approach on https://youtu.be/TJQpOrtet8E


Read about IDOR on https://thehackerish.com/idor-explained-owasp-top-10-vulnerabilities/

thehackerish