unSafe.sh - 不安全
我的收藏
今日热榜
公众号文章
导航
Github CVE
Github Tools
编码/解码
文件传输
Twitter Bot
Telegram Bot
Rss
黑夜模式
Easy XSSHunter Discord Alerts
This will be a setup guide for XSSHunter and integrating it with Discord Alerts. This will be very s...
2023-1-27 13:55:0 | 阅读: 20 |
收藏
|
Bug Bounty in InfoSec Write-ups on Medium - infosecwriteups.com
xsshunter
webhook
aff
printed
github
Easy XSSHunter Express Setup Script
Recently XSSHunter.com decided to stop signups and soon stopping it’s services. You’ll need to host...
2023-1-27 13:52:9 | 阅读: 35 |
收藏
|
Bug Bounty in InfoSec Write-ups on Medium - infosecwriteups.com
xsshunter
github
forked
adamjsturge
aff
Basic SSTI — Server-Side Template Injection | 2023
Portswigger — Basic server-side template injection Solution | Karthikeyan NagarajWhat is SSTI?Server...
2023-1-24 14:39:17 | 阅读: 33 |
收藏
|
Bug Bounty in InfoSec Write-ups on Medium - infosecwriteups.com
erb
carlos
injection
payload
morale
From Failure to Success: My Experience with the HTB CBBH
Hello everyone, my name is Hac and in this post, I will be sharing my experience with the HTB CBBH e...
2023-1-24 03:5:45 | 阅读: 104 |
收藏
|
Bug Bounty in InfoSec Write-ups on Medium - infosecwriteups.com
bbh
htb
security
academy
hackthebox
Reflected XSS Leads to 3,000$ Bug Bounty Rewards from Microsoft Forms
Microsoft Forms Vulnerability: Reflected Cross-site Scripting (XSS)In this blog post, I will discuss...
2023-1-23 02:21:15 | 阅读: 49 |
收藏
|
Bug Bounty in InfoSec Write-ups on Medium - infosecwriteups.com
microsoft
attacker
malicious
inject
payload
HTTP Request Smuggling — Basic CL.TE vulnerability
Portswigger HTTP Request Smuggling Solution | Karthikeyan NagarajWhat is HTTP Smuggling?HTTP request...
2023-1-23 02:20:22 | 阅读: 26 |
收藏
|
Bug Bounty in InfoSec Write-ups on Medium - infosecwriteups.com
karthikeyan
security
forwards
interfering
chunked0
Hack File Inclusion in DVWA: A Full Walkthrough — StackZero
This is a summary of the article in my blog: https://stackzero.net/file-inclusion-introduction/In th...
2023-1-19 17:51:54 | 阅读: 57 |
收藏
|
Bug Bounty in InfoSec Write-ups on Medium - infosecwriteups.com
inclusion
attacker
php
dvwa
Cross-site WebSocket hijacking
Portswigger Lab Solution — Cross-site WebSocket hijacking | Karthikeyan NagarajCross-site WebSocket...
2023-1-19 17:51:38 | 阅读: 13 |
收藏
|
Bug Bounty in InfoSec Write-ups on Medium - infosecwriteups.com
security
wss
victim
attacker
JWT authentication bypass via unverified signature — Portswigger Simple Solution Writeup | 2023
Portswigger Lab Solution — JWT Authentication Bypass by Karthikeyan NagarajLab Link:Lab Description:...
2023-1-19 01:40:21 | 阅读: 28 |
收藏
|
Bug Bounty in InfoSec Write-ups on Medium - infosecwriteups.com
karthikeyan
carlos
usingcookie
thesub
Full Team Takeover
Hare Krishna! My name is Tuhin Bose (tuhin1729). I am currently working as a CTF Designing Consultan...
2023-1-19 01:38:42 | 阅读: 16 |
收藏
|
Bug Bounty in InfoSec Write-ups on Medium - infosecwriteups.com
objectid
importance
teamrole
joining
rolename
eLFI already solved it, better get going #BUGCROWD Challenge Walkthrough
In this Write-Up, I am going to walk you through the bugcrowd’s open challenge to hackers.Note: In c...
2023-1-17 17:38:8 | 阅读: 8 |
收藏
|
Bug Bounty in InfoSec Write-ups on Medium - infosecwriteups.com
php
bugcrowd
gave
luck
sober
DOMAIN ADMIN Compromise in 3 HOURS
Hi everyone; I hope you enjoyed my previous blog post on “How I obtained Admin access in 30 seconds”...
2023-1-17 17:37:3 | 阅读: 9 |
收藏
|
Bug Bounty in InfoSec Write-ups on Medium - infosecwriteups.com
reuse
payload
glassfish
procdump
laterally
Another day, Another major flaw this time in the TransUnion that allows bypassing security
Here we go. Again.Let me start by saying this is really unresponsible by major companies like Experi...
2023-1-17 17:36:39 | 阅读: 8 |
收藏
|
Bug Bounty in InfoSec Write-ups on Medium - infosecwriteups.com
ssn
mouse
transunion
inspector
bypass
OTP Leaking Through Cookie Leads to Account Takeover
OTP BypassleakageHello Hackers,This time I am going to discuss an OTP leaking vulnerability that lea...
2023-1-17 17:36:25 | 阅读: 11 |
收藏
|
Bug Bounty in InfoSec Write-ups on Medium - infosecwriteups.com
otp
entered
otpi
ag3n7
Tips for BAC and IDOR Vulnerabilities
Step-by-step guide for uncovering Broken Access Control and Indirect Object Reference vulnerabilitie...
2023-1-17 17:33:15 | 阅读: 43 |
收藏
|
Bug Bounty in InfoSec Write-ups on Medium - infosecwriteups.com
idor
bac
analyzer
hunters
Manipulating the WebSocket handshake to exploit vulnerabilities
Postswigger Lab Simple Solution — Manipulating the WebSocket to exploit vulnerabilities | Karthikeya...
2023-1-17 17:32:12 | 阅读: 15 |
收藏
|
Bug Bounty in InfoSec Write-ups on Medium - infosecwriteups.com
client
websockets
payload
karthikeyan
academy
How to spoof e-mails. (DMARC, SPF, and Phishing)
Note: sanitization of these screenshots was performed to protect the identities of stakeholders invo...
2023-1-15 23:52:55 | 阅读: 14 |
收藏
|
Bug Bounty in InfoSec Write-ups on Medium - infosecwriteups.com
dmarc
spoofed
phishing
spf
sendmail
How I Found AWS API Keys using “Trufflehog” and Validated them using “enumerate-iam” tool
2023-1-15 23:51:2 | 阅读: 23 |
收藏
|
Bug Bounty in InfoSec Write-ups on Medium - infosecwriteups.com
trufflehog
chrome
searched
hunters
guys
bWAPP: A Vulnerable Web Application for Practicing Vulnerabilities - Installation Guide
How to Install bWAPP in Linux for Testing Vulnerabilities to start your Bug Bounty HuntingbWAPP — bW...
2023-1-15 11:6:11 | 阅读: 18 |
收藏
|
Bug Bounty in InfoSec Write-ups on Medium - infosecwriteups.com
bwapp
bee
download
developers
India’s Aadhar card source code disclosure via exposed .svn/wc.db
Hi Guys, I recently found a .svn/wc.db folder exposed on a resident.uidai.gov.in, and used it to rec...
2023-1-15 11:5:43 | 阅读: 29 |
收藏
|
Bug Bounty in InfoSec Write-ups on Medium - infosecwriteups.com
wc
database
uidai
resident
subversion
Previous
65
66
67
68
69
70
71
72
Next