unSafe.sh - Unsafe
Paytm-Broken Link Hijacking
Hello Everyone…. Lohith Here, (Sr. Security Engineer & Ethical Hacker from Bengaluru). I hope you...
2022-2-1 14:22:52 | Reads: 35 | infosecwriteups.com
paytm
security
redirected
facebook
forgot
The Story of an RCE on a Java Web Application
It was about two months ago (November 2021) I was invited to a private program. According to their p...
2022-2-1 14:19:37 | Reads: 33 | infosecwriteups.com
payload
burp
gave
serialized
python
Hack into Skynet — Real World CTF (2022) walkthrough
<Online Jeopardy>Hello hackers ッ✋✋,In this writeup, I’m sharing one of the potential methods to pwn...
2022-1-25 19:1:43 | Reads: 43 | infosecwriteups.com
username
flask
bypass
attachment
403
Attacks on JSON Web Token (JWT)
In part1 of the article, I introduced JSON web tokens that what is JWT and How they are made? I pref...
2022-1-25 18:59:54 | Reads: 46 | infosecwriteups.com
hs256
payload
isadmin
rs256
validated
How I was able to find multiple vulnerabilities of a Symfony Web Framework web application
Found high severity vulnerability in 5 minutes just from reconnaissance. Found multiple vulnerabilit...
2022-1-25 18:58:15 | Reads: 89 | infosecwriteups.com
symfony
profiler
php
developers
subdomain
Simple CTF- TryHackme
CTF Welcome amazing hackers I came up with another cool article which is Tryhackme simple CTF writeup...
2022-1-25 16:7:41 | Reads: 20 | infosecwriteups.com
gobuster
ctfwelcome
salt
cracking
ssh
How I could have read your confidential bug reports by simple mail?
Source: Internet Hey Everyone, Hope you’re doing safe and sound. I have recently found a bug in the Mi...
2022-1-25 15:53:20 | Reads: 17 | infosecwriteups.com
microsoft
attacker
vuln
listened
010001
Information Disclosure via External Live Chat Service
Hi folks! I hope you’re all safe and good. Today’s write-up explains how I was able to fetch website...
2022-1-25 15:44:48 | Reads: 15 | infosecwriteups.com
momentary
awarded
explains
triaged
How I was able to takeover accounts in websites deal with Github as a SSO provider
How I was able to take over accounts in websites deal with Github as an SSO provider Hello, fellow ha...
2022-1-25 15:35:47 | Reads: 17 | infosecwriteups.com
github
sso
passwords
security
username
IDOR: A BEGINNER’S GUIDE
Hi, happy to be back with a new topic related to web exploitation, IDOR. IDOR is a type of access co...
2022-1-25 15:20:8 | Reads: 30 | infosecwriteups.com
idor
1host
0hello
mozilla
thmcookie
Registrations Open for IWCON 2022 — the Online Infosec Conference & Networking Event
Listen to 15+ awesome speakers and meet some of the coolest peeps in Infosec! Register for IWCON 2022...
2022-1-25 02:33:45 | Reads: 15 | infosecwriteups.com
iwcon
speakers
writeups
editorial
attend
Demystifying JA3: One Handshake at a Time
JA3 is a fingerprinting mechanism performed on a Client that uses TLS to connect with the Server. Th...
2022-1-22 16:9:31 | Reads: 46 | infosecwriteups.com
ja3
client
fingerprint
clienthello
Day 14, Set Up Environment for Pentesting #100DaysofHacking
Get all the writeups from Day 1 to 13, Click Here Or Click Here. Source: Unsplash Hello Everyone, This...
2022-1-18 16:20:44 | Reads: 11 | infosecwriteups.com
proxy
burp
fig
client
foxy
Authentication Bypass -TryHackMe
Authentication bypass is the critical type of vulnerability that leads to exposure of sensitive info...
2022-1-18 16:17:39 | Reads: 1145 | infosecwriteups.com
username
thm
robert
tampering
ffuf
How I Escalated a Time-Based SQL Injection to RCE
Good day everyone! I hope all of you are doing well. Today, I will be sharing one of my report on Son...
2022-1-18 16:9:49 | Reads: 105 | infosecwriteups.com
cmdshell
4577
windows
chrome
IDOR — TryHackme
Writeup on Access Control Hi folks, welcome back I am here with a pretty cool writeup on IDOR vulnera...
2022-1-13 00:2:1 | Reads: 42 | infosecwriteups.com
idor
signup
invoice
swe
client
HOW I GOT MY FIRST RCE WHILE LEARNING PYTHON
Hi, I am just learning python in redacted.com and learning and learning… Till I spotted a section that...
2022-1-10 12:38:22 | Reads: 31 | infosecwriteups.com
scsi
python
anon
hhahahah
banned
HOW I AM ABLE TO CRASH ANYONE’S MOZILLA FIREFOX BROWSER BY SENDING AN EMAIL
Hi, Hope you guys are doing well, Here is the story of how I am able to crash anyone’s Mozilla firef...
2022-1-10 12:36:4 | Reads: 16 | infosecwriteups.com
emojis
crash
crashed
chrome
sam0
A TALE OF 5250$ : HOW I ACCESSED MILLIONS OF USER’S DATA INCLUDING THEIR NATIONAL ID’S
Hi, Hope you guys are doing well, And a Happy New Year, YAY! ✨, Let’s start the blog without wasting...
2022-1-10 12:33:18 | Reads: 130 | infosecwriteups.com
nuclei
guys
github
apktool
decompiled
XXE — TryHackme WriteUp
XML External Entity Writeup Welcome back great hackers I am here another cool topic one of the OWASP...
2022-1-10 12:28:0 | Reads: 12 | infosecwriteups.com
payload
pcdata
markup
band
injecting