Content you might like
Today I found an RCE in a bug bounty platform 1. found a bypass admin role with CVE Confluence 2. access and upload a plugin (webshell) 3. turn on plugin in server and can run any system command HOPE THEY ARE FAIR #BugBounty

The new write-up is here: Account Takeover via Insecure Email Change — Critical Vulnerability medium.com/@3bddagg3/acco… #bugbountytips #bugbounty #hackerone
Through a simple path manipulation in the hostName parameter, I was able to escalate the issue into a One-Click Account Takeover medium.com/@Zeno_H2r/expl…
Tip: When testing, try injecting a null byte (\u0000) into unexpected parameters. You never know how the backend will handle it — sometimes a small injection can completely break features like the invitation system. #BugBounty #bugbountytips #Hacking #Cybersecurity

New Write-Up Published: One parameter. One click. One hijack. medium.com/@yassentaalab5… #BugBounty #bugbountytips
God bless, but I have a question and I hope it isn't taken the wrong way: why is it that when I see scenarios like these they look easy, and even though I apply most of these things while I'm hunting, it has never worked out, because it's impossible for something like this to be left open? That makes me feel that these people's programs are different from ours; they literally feel like PortSwigger labs.
hardcoded credentials in javascript file xxxxxxx/static/js/main.xxxxx.chunk.js 🗣️ dp #bugbounty #bugbountytips #bugbountytip

How I Found a Critical Password Reset Bug in the BB program(and Got $4,000) s41n1k.medium.com/how-i-found-a-… #bugbounty
You must have missed this. Here you go, fresh out of the oven, friends youtube.com/watch?v=xNxyhD…
Sounds Like a Joke, But It Isn't: Stopping a Train in 2025 with a 1980s Protocol...
Blind XSS on Admin Portal Leads to Information Disclosure medium.com/@rohit443/blin… #bugbounty #bugbountytips
The $1000 Critical Bug: Unauthorised Access Leading to Support Admin Panel Takeover v3d.medium.com/the-1000-criti… #bugbounty #bugbountytips #bugbountytip
"The Anotomy of Critical Bug" is now live on @InfoSecComm 🔗medium.com/bugbountywrite… #bugbountytip #bugbountytips #bugbounty #CyberSecurity #Security #infosec #appsec #Hacking #vapt
$500 for Punycode email spoofing bug. Used comilav “m” to bypass email uniqueness check: >Register with [email protected] > Use same name as legit user > Invite real user to fake team Real user joins attacker’s team - gets locked out of real one #bugbountytips #BugBounty

#CryptoSecurity 🚨 - A massive supply chain attack on the NPM registry has compromised popular packages with over 2 billion weekly downloads, aiming to steal cryptocurrency from users. dailydarkweb.net/major-npm-supp…

🔍Discover More Exposed LLM Servers with ZoomEye ZoomEye Dork👉app="Ollama" || app="vLLM UI" || app="LLaMA Board" || app="LLaMA Factory" || app="Chat LangChain" || app="AnythingLLM" || app="Chat LangChain" ZoomEye Link: zoomeye.ai/searchResult?q…

Exposed LLM server queries for @shodanhq port:11434 "Ollama" port:8000 "vLLM" port:8000 "llama.cpp" port:8080 "llama.cpp" port:1234 "LM Studio" port:4891 "GPT4All" port:8000 "LangChain" blogs.cisco.com/security/detec…
Cloudflare 403 bypass to time-based blind SQLi: PL: (select(0)from(select(sleep(10)))v) → 403 but PL: (select(0)from(select(sleep(6)))v)/*'%2B(select(0)from(select(sleep(6)))v)%2B'%5C"%2B(select(0)from(select(sleep(6)))v) → Time-based Blind SQLi #BugBounty #SQLi


Alhamdulillah I got 3 RXSS duplicates on a public Bugcrowd program. Write-up: zuksh.medium.com/how-i-discover… #BugBounty #RXSS #XSS #InfoSec #Bugcrowd

1. Register an account using [email protected] 2. Navigate to change email 3. Change it to [email protected] 4. Boom 💥 become the administrator and infrastructure takeover Rewarded $$$$$ #fuckbountytips
New Video Out 🔥 “AWS S3 Bucket Hacking Explained (Bug Bounty Hunters Must Watch)” youtu.be/_UlHLjIQeJM?si…
