unSafe.sh - Not Safe
Accessing Grofers Grafana Instance Using Shodan
Hello People…. After a long time, there is one interesting bug I have found in Grofers using a simple...
2021-09-15 00:09:55 | Views: 179
infosecwriteups.com
grofers
security
lohigowda
entered
username
Bypassed! and uploaded a sweet reverse shell
Hey, Today I will showcase how I found a file upload vulnerability which I bypassed and popped a rev...
2021-09-05 17:22:10 | Views: 135
infosecwriteups.com
php
reverse
bypass
php5
bypassed
Eye for an eye: Unusual single click JWT token takeover
This story is about an unusual open redirect misconfiguration I found in JetBrains Datalore. Descript...
2021-09-05 10:57:22 | Views: 48
infosecwriteups.com
jetbrains
datalore
2fdatalore
attacker
victim
Web OSINT Tryhackme Walkthrough
Hello guys and welcome back, Ayush this side, today we’ll talk about one of the tryhackme room web...
2021-09-05 03:53:19 | Views: 328
infosecwriteups.com
ans
viewdns
heat
nameserver
What would you do if Oracle’s mailing server sent you this?
Phishing via. HTML Injection! This blog talks about how a case of weak input validation in an Oracle...
2021-09-02 16:08:57 | Views: 52
infosecwriteups.com
phishing
emailid
mailing
noreply
victim
How I made 25000 USD in bug bounties with reverse proxy
A proxy server is a go‑between or intermediary server that forwards requests for content from multip...
2021-09-02 15:28:59 | Views: 42
infosecwriteups.com
proxy
reverse
attacker
network
95content
When automating wayback machine and ffuf is not the answer, or manual analysis ftw
Wayback machine is an awesome resource for a quick recon. It helps in finding sometimes obscure path...
2021-09-02 15:28:53 | Views: 58
infosecwriteups.com
ffuf
machine
wayback
belong
requestand
How I Scored 2K Bounty via an IDOR
Easiest IDOR ever?! Photo by Benjamin Dada on Unsplash. Hello Security Researchers. In this writeup I wi...
2021-08-30 02:33:54 | Views: 43
infosecwriteups.com
viewing
idor
easiest
wrapped
curious
Server-Side Request Forgery (SSRF)
What is SSRF?! Server-Side Request Forgery (SSRF) is an exploit used to attack internal systems behind...
2021-08-30 02:26:15 | Views: 113
infosecwriteups.com
burp
tripadvisor
ssrf
payload
Setup Your Private Burp Collaborator for SSRF/XXE
Burp-suite Collaborator. Photo by Hacker Noon on Unsplash. Hello Security Researchers & Hackers. In this a...
2021-08-25 01:50:46 | Views: 114
infosecwriteups.com
burp
biid
poll
hereopen
Getting Your Account Hacked Is Just A Feature On Quora.com
Intro Part 1: Trying to log in to Quora using my browser, I realized I didn’t remember my password. I...
2021-08-23 20:12:39 | Views: 35
infosecwriteups.com
quora
security
expecting
telling
Cross-Site WebSocket Hijacking (CSWSH)
Understanding the execution of a WebSocket attack! Before we go into the ACTUAL invasion, it’s crucia...
2021-08-23 19:12:49 | Views: 51
infosecwriteups.com
client
attackers
handshake
cswsh
attacker
How I got RCE In The World Largest Russian Company
Thinking outside the box. Photo by Christian Wiediger on Unsplash. Hello Security Researchers & Hackers. I...
2021-08-23 17:10:13 | Views: 50
infosecwriteups.com
favicon
jdwp
sitting
itnow
till
Access control vulnerabilities Mindmap
Hello, Hackers & Enthusia...
2021-08-18 18:37:29 | Views: 53
infosecwriteups.com
bounties
vulnhub
ups
ctfs
publication
How I Bought a £240.00 Annual Subscription for Bargain £0.01
I found a way to alter a premium subscription service price and bought it for a penny. This is how I...
2021-08-18 17:32:44 | Views: 34
infosecwriteups.com
sku
monthly
burp
penny
annual
Why u should use burp to test Path Traversal Vulnerability and also get RXSS
Hi everyone, It’s Yasser again (AKA Neroli). I told you that me and my brother (who is 16 years old) w...
2021-08-18 17:32:39 | Views: 45
infosecwriteups.com
brother
burp
rxss
xd
numerical
How I found Reflected XSS on a WebGIS
Note: The vulnerability was reported and has been fixed. Hi everyone, In this write-up, I will share h...
2021-08-18 17:32:34 | Views: 53
infosecwriteups.com
hcmgis
webgis
tac
vn
How I Scored 1K Bounty Using Waybackurls
Approaching a target from all angles. Photo by Irvan Smith on Unsplash. Hello Security Researchers, Hacke...
2021-08-17 23:54:38 | Views: 79
infosecwriteups.com
paying
disclose
belongs
thisi
ended
BUG HUNTING METHODOLOGY FOR BEGINNERS
In this write up I am going to describe the path I walked through the bug hunting from the beginner...
2021-08-15 04:18:39 | Views: 125
infosecwriteups.com
subdomain
bugcrowd
tesla
inurl
Facebook OAuth 2.0 Misconfiguration
Intro: If you had been following my cybersecurity articles, you already know that I don’t like to hunt...
2021-08-14 01:16:05 | Views: 35
infosecwriteups.com
facebook
vuln
hunters