unSafe.sh - Unsafe
CSRF leads to account takeover in Yahoo!
Hi everyone! During my bug bounty journey I used to read numerous writings to learn different techniq...
2023-1-15 11:4:39 | Views: 10
Bug Bounty in InfoSec Write-ups on Medium - infosecwriteups.com
chrome
yahoo
lax
writings
fortunately
How Browser’s Save As Feature might lead to Code Execution (CVE-2022–45415)
Few days ago, while I was exploring browser based bugs, I read an article over internet explaining ab...
2023-1-15 11:4:24 | Views: 33
Bug Bounty in InfoSec Write-ups on Medium - infosecwriteups.com
mozilla
malicious
canonical
clearly
Exploiting API with AuthToken
Hello fellow researchers, Myself, Rafi Ahamed. I am a Cyber Security Researcher from Bangladesh. I lo...
2023-1-15 11:4:4 | Views: 17
Bug Bounty in InfoSec Write-ups on Medium - infosecwriteups.com
authtoken
gave
triaged
bugcrowd
myself
API based IDOR to leaking Private IP address of 6000 businesses
Hello fellow researchers, Myself, Rafi Ahamed. I am a Cyber Security Researcher from Bangladesh. I lo...
2023-1-15 11:3:16 | Views: 14
Bug Bounty in InfoSec Write-ups on Medium - infosecwriteups.com
intercepted
security
facebook
idors
HTML injection in an email template
Credit: Pinterest. Send emails on behalf of a company? Here’s how I found this vulnerability in sever...
2023-1-14 12:31:24 | Views: 27
Bug Bounty in InfoSec Write-ups on Medium - infosecwriteups.com
inject
proxy
injection
interpreted
protections
Discovering vulnerabilities quickly with targeted scanning — Portswigger
This lab contains a vulnerability that enables you to read arbitrary files from the server. To solve...
2023-1-14 12:30:54 | Views: 72
Bug Bounty in InfoSec Write-ups on Medium - infosecwriteups.com
xi
productid
proxy
passwd
payload
Strange 2FA Misconfiguration
Hey guys I am back again with another interesting bug bounty writeup. In this write-up, I am going t...
2023-1-13 18:2:8 | Views: 14
Bug Bounty in InfoSec Write-ups on Medium - infosecwriteups.com
guys
hunt
github
otp
vdp
Clear communication is crucial: why writing effective vulnerability reports matters
First, let’s address the question of why it is necessary to write a clear report. A clear report is...
2023-1-13 18:1:8 | Views: 12
Bug Bounty in InfoSec Write-ups on Medium - infosecwriteups.com
security
brief
concise
advantages
existence
Analysing Command Detected in Request Body
SOC168 — Whoami Command Detected in Request Body. What is Command Injection? Command Injection. Command i...
2023-1-6 12:44:49 | Views: 15
Bug Bounty in InfoSec Write-ups on Medium - infosecwriteups.com
injection
attacker
whoami
malicious
177
CVE-2022-38627: A journey through SQLite Injection to compromise the whole enterprise building
Introduction: In this research, I will show you how I managed to find this critical 0-day that allows...
2023-1-2 17:38:46 | Views: 46
Bug Bounty in InfoSec Write-ups on Medium - infosecwriteups.com
phases
tpl
database
prepared
sth
Setting up your bug bounty scripts with Python and Bash
Hi there, Automation is a very interesting thing, and if done in the right manner, it is more interestin...
2022-12-30 17:5:44 | Views: 31
Bug Bounty in InfoSec Write-ups on Medium - infosecwriteups.com
subdomain
sorter
webhook
amass
scanned
$350 XSS in 15 minutes
Bug Bounty Writeup about DOM XSS via JSONP + Parameter pollution. Photo by Pepi Stojanovski on Unsplas...
2022-12-29 20:28:13 | Views: 28
Bug Bounty in InfoSec Write-ups on Medium - infosecwriteups.com
jsonp
1337
somewhere
payload
developer
How Capabilities actually Work ? | Exploitation | Privilege Escalation
Sometimes a user with low privileges needs to perform specific tasks with higher privileges and for...
2022-12-29 20:27:34 | Views: 21
Bug Bounty in InfoSec Write-ups on Medium - infosecwriteups.com
privileges
bitmask
setuid
ep
processes
Exploiting XSS with Javascript/JPEG Polyglot
What is a polyglot? Just like PNG, JPEG, and DOC are valid file types, polyglots are a combination of...
2022-12-29 20:27:11 | Views: 45
Bug Bounty in InfoSec Write-ups on Medium - infosecwriteups.com
payload
2a
php
12074
polyglot
Unauthorized Sign-up on Subdomain of Subdomain leading to Organization takeover worth $2000
Hello people, here I am sharing another four-digit write-up, which is one of my very old findings. If...
2022-12-28 21:1:29 | Views: 18
Bug Bounty in InfoSec Write-ups on Medium - infosecwriteups.com
subdomain
github
signup
repository
ups
How I Earned My First Bug Bounty Reward of $1000
In this article, I want to discuss my journey of making $1000 dollars from Bug Bounty program...
2022-12-28 20:1:32 | Views: 16
Bug Bounty in InfoSec Write-ups on Medium - infosecwriteups.com
security
earning
importance
malicious
Efficient methodology to get P2 level - subdomain takeover vulnerability
Hello Guys, I’m Suprit, a cybersecurity enthusiast and researcher. This is my first blog and I’m go...
2022-12-27 16:44:28 | Views: 17
Bug Bounty in InfoSec Write-ups on Medium - infosecwriteups.com
subdomain
nuclei
github
fig
takeovers
CRLF Injection — xxx$ — How was it possible for me to earn a bounty with the Cloudflare WAF?
I recently discovered a CRLF injection vulnerability on a popular website. In this blog post, I will...
2022-12-25 01:14:46 | Views: 48
Bug Bounty in InfoSec Write-ups on Medium - infosecwriteups.com
crlf
injection
payload
bomb
crlfuzz
Bypass Apple’s redirection process with the dot (“.”) character
Hi guys, I have been gone for a while but now I’m back and here is a new write-up post. Today, I’m g...
2022-12-25 01:12:50 | Views: 39
Bug Bounty in InfoSec Write-ups on Medium - infosecwriteups.com
subdomain
payload
redirected
choosing
appended
How these IDOR vulnerability earned 5000$ | Hackerone Reddit Bug Bounty
Modifying any user's custom profile links. Photo by Brett Jordan on Pexels. IDOR, Insecure Direct Object...
2022-12-24 00:36:22 | Views: 25
Bug Bounty in InfoSec Write-ups on Medium - infosecwriteups.com
reddit
windows
criptex
chrome
loid