expl

@Exploitati0n

Just an exploit seeker and curious noob.

expl reposted

🚨 CFP open — Bug Bounty Village @ H2HC 2025 🚨 Found an insane bug or a creative bypass, or have a real pentest/bug bounty case? Submit your talk! 👉 docs.google.com/forms/d/e/1FAI… #H2HC #BugBounty #Call4Papers #HackerCulture


expl reposted

This is some really nice research! It's definitely worth trying these techniques against cryptocurrency extensions! marektoth.com/blog/dom-based…


expl reposted

CALL FOR ARTICLES 2025 More articles, new authors, pwnage and 0days. With these goals we are launching the new Call for Articles 2025 for the second edition! Send your article to: trm@tramoia.sh

expl reposted

New Active Directory Mindmap v2025.03! 🚀 📖 Readable version: orange-cyberdefense.github.io/ocd-mindmaps/i… 🔧 Now fully generated from markdown files—way easier to update and maintain! 💡 Got improvements? PRs welcome! 👉 github.com/Orange-Cyberde…

expl reposted

very pleased to announce the release of my new article based on my research that led to CVE-2024-46982 titled: Next.js, cache, and chains: the stale elixir zhero-web-sec.github.io/research-and-t… note: does not cover the latest findings shared in my recent posts enjoy reading;

expl reposted

ADCS Attack Techniques Cheatsheet for all of you lazy folks who prefer colored tables over reading a bunch of articles just to find some specific information: bit.ly/adcs-cheatsheet


expl reposted

New writeup from @_specters_ and I: we're finally allowed to disclose a vulnerability reported to Kia which would've allowed an attacker to remotely control almost all vehicles made after 2013 using only the license plate. Full disclosure: samcurry.net/hacking-kia


expl reposted

In August, watchTowr Labs hijacked parts of the global .mobi TLD - and went on to discover the mayhem that we could cause. Enjoy.... labs.watchtowr.com/we-spent-20-to…


Yay, I was awarded a $1000 bounty on @Hacker0x01 for a 1-Click RCE vulnerability! Collab with my bro @LuskaBol hackerone.com/xpl #TogetherWeHitHarder


expl reposted

PHP just fixed one of my RCE vulnerabilities, which affects XAMPP by default. Check to see if you are affected and update now! 🔥 blog.orange.tw/2024/06/cve-20…


expl reposted

Modern implant design: position independent malware development. A small blog post on how to design "modern" malware with features like global variables, raw strings, and compile-time hashing. 5pider.net/blog/2024/01/2… Repo: github.com/Cracked5pider/…


expl reposted

This is a very unknown technique. Tried googling it and found no results, so maybe even a novelty. This allows you to dump all domains from a Cloudflare user by doing nameserver correlation. Great for finding base domains owned by the company. celes.in/posts/cloudfla…


expl reposted

tramoia.sh ??.??.2024

expl reposted

"A tale of making internet pollution free" - Exploiting Client-Side Prototype Pollution in the wild - @S1r1u5_ blog.s1r1us.ninja/research/PP


expl reposted

Sharing my experience with alias path traversals on nginx, and how we leaked sensitive data on Bitwarden and GCP with that. Along with that, we also released a tool called navgix to check for the presence of these vulnerabilities in an automated manner. labs.hakaioffsec.com/nginx-alias-tr…


expl reposted

I hacked into a @Bing CMS that allowed me to alter search results and take over millions of @Office365 accounts. How did I do it? Well, it all started with a simple click in @Azure… 👀 This is the story of #BingBang 🧵⬇️

expl reposted

The team at @OpenAI just fixed a critical account takeover vulnerability I reported a few hours ago affecting #ChatGPT. It was possible to take over someone's account, view their chat history, and access their billing information without them ever realizing it. Breakdown below 👇


expl reposted

We recently found a vulnerability affecting Hyundai and Genesis vehicles where we could remotely control the locks, engine, horn, headlights, and trunk of vehicles made after 2012. To explain how it worked and how we found it, we have @_specters_ as our mock car thief:
