Here is my second write-up on my series of bugs found on Google Systems. If you haven’t checked my first write-up, check out below…

As I mentioned, Google Cloud became my favorite target and spent most of time hunting bugs there. And a product named as _Appsheet _was under new product sections which was a alternative to existing AppMaker by Google.

At first impression I loved the way it was built and it’s simplicity to build apps. So I decided to give it a shot and found it had a **_Cloud-flare _**implemented at the back-end. Awww, Shit !!

**YOU’RE BLOCKED !! **which is the most irritating thing as a Bug Hunter and I can’t spend time in bypassing it. So it was clear I can’t test for XSS, SSRF or other similar bugs which I loved the most.

Without any idea I created a new app and all the app created were identified by AppId which had 30–36 random alpha numeric characters.

#bug-bounty #cybersecurity #hacking #security #infosec #cloud