When analyzing Chennai Metro Rail mobile app's traffic in burp, I found a vulnerable LFI endpoint then got access to web.config and finally got the source code by dumping a dll. After that did source code analysis and found a blind SQLI
Found an endpoint in National Institute Of Open Schooling website that let me scrape any users personal details using burp, it had weak captcha implementation. Wrote a golang script and scraped some data