Today I found an RCE in a bug bounty platform 1. found a bypass admin role with CVE Confluence 2. access and upload a plugin (webshell) 3. turn on plugin in server and can run any system command HOPE THEY'RE FAIR #BugBounty

The new write-up is here: Account Takeover via Insecure Email Change — Critical Vulnerability medium.com/@3bddagg3/acco… #bugbountytips #bugbounty #hackerone
Through a simple path manipulation in the hostName parameter, I was able to escalate the issue into a One-Click Account Takeover medium.com/@Zeno_H2r/expl…
Tip: When testing, try injecting a null byte (\u0000) into unexpected parameters. You never know how the backend will handle it — sometimes a small injection can completely break features like the invitation system. #BugBounty #bugbountytips #Hacking #Cybersecurity

New Write-Up Published: One parameter. One click. One hijack. medium.com/@yassentaalab5… #BugBounty #bugbountytips
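God bless, but I have a question and I hope it isn't taken the wrong way: why is it that when I see scenarios like these they look easy, and even though I apply most of these things while I'm hunting, they have never worked for me, because it's impossible that something like this would be left open, and that makes me feel that these people's programs are different from ours. They literally feel to me like PortSwigger labs.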
hardcoded credentials in javascript file xxxxxxx/static/js/main.xxxxx.chunk.js 🗣️ dp #bugbounty #bugbountytips #bugbountytip

How I Found a Critical Password Reset Bug in the BB program (and Got $4,000) s41n1k.medium.com/how-i-found-a-… #bugbounty
You must have missed it. Here you go, fresh out of the oven, friends youtube.com/watch?v=xNxyhD…
Sounds Like a Joke But It Isn't: Stopping a Train in 2025 with a 1980s Protocol...
Blind XSS on Admin Portal Leads to Information Disclosure medium.com/@rohit443/blin… #bugbounty #bugbountytips
The $1000 Critical Bug: Unauthorised Access Leading to Support Admin Panel Takeover v3d.medium.com/the-1000-criti… #bugbounty #bugbountytips #bugbountytip
"The Anotomy of Critical Bug" is now live on @InfoSecComm 🔗medium.com/bugbountywrite… #bugbountytip #bugbountytips #bugbounty #CyberSecurity #Security #infosec #appsec #Hacking #vapt
$500 for Punycode email spoofing bug. Used comilav “m” to bypass email uniqueness check: >Register with [email protected] > Use same name as legit user > Invite real user to fake team Real user joins attacker’s team - gets locked out of real one #bugbountytips #BugBounty

#CryptoSecurity 🚨 - A massive supply chain attack on the NPM registry has compromised popular packages with over 2 billion weekly downloads, aiming to steal cryptocurrency from users. dailydarkweb.net/major-npm-supp…

🔍Discover More Exposed LLM Servers with ZoomEye ZoomEye Dork👉app="Ollama" || app="vLLM UI" || app="LLaMA Board" || app="LLaMA Factory" || app="Chat LangChain" || app="AnythingLLM" || app="Chat LangChain" ZoomEye Link: zoomeye.ai/searchResult?q…

Exposed LLM server queries for @shodanhq port:11434 "Ollama" port:8000 "vLLM" port:8000 "llama.cpp" port:8080 "llama.cpp" port:1234 "LM Studio" port:4891 "GPT4All" port:8000 "LangChain" blogs.cisco.com/security/detec…
Cloudflare 403 bypass to time-based blind SQLi: PL: (select(0)from(select(sleep(10)))v) → 403 but PL: (select(0)from(select(sleep(6)))v)/*'%2B(select(0)from(select(sleep(6)))v)%2B'%5C"%2B(select(0)from(select(sleep(6)))v) → Time-based Blind SQLi #BugBounty #SQLi


Alhamdulillah I got 3 RXSS duplicates on a public Bugcrowd program. Write-up: zuksh.medium.com/how-i-discover… #BugBounty #RXSS #XSS #InfoSec #Bugcrowd

1. Register an account using [email protected] 2. Navigate to change email 3. Change it to [email protected] 4. Boom 💥 become the administrator and infrastructure takeover Rewarded $$$$$ #fuckbountytips
New Video Out 🔥 “AWS S3 Bucket Hacking Explained (Bug Bounty Hunters Must Watch)” youtu.be/_UlHLjIQeJM?si…

How I Found Cache Deception in a private bbp medium.com/@MoSalah11/how… @0x_MoSalah