unSafe.sh - Unsafe
Yes. The Program Owner is correct at their place.
Harsh Bothra · 1 hour ago: Yes. The Program Owner is correct at their place. The issue described in this...
2021-01-07 19:12:18 | Views: 214
medium.com
victim
agoyes
bothra
talks
The type of recon that you may skip on purpose, but this is why you shouldn’t
Or why being too quick can lead to a false positive. I have a theory that this probably affects more...
2021-01-02 18:31:14 | Views: 240
medium.com
patience
buttons
reasonable
worry
burp
Facebook bug bounty (500 USD) : A blocked fundraiser organizer would be unable to view or remove…
Hi All, This is a simple logical issue which I found in Facebook fundraiser feature. The blocking fea...
2021-01-01 05:53:25 | Views: 218
medium.com
victim
fundraiser
attacker
organizer
facebook
Breaking the Internet with Shodan: We love P1s!
Hi my fellow hackers, my buddies! Welcome to my new blog! We are here, ending the year which we badl...
2020-12-31 21:35:54 | Views: 270
medium.com
dorks
kibana
ton
putting
dorking
Finding The Origin IP Behind CDNs
Hello guys, it’s HolyBugx. I started writing this after this tweet, as I saw many interested people w...
2020-12-31 06:22:25 | Views: 233
medium.com
historical
favicon
attackers
security
defenders
How I exploit the JSON CSRF with method override technique
CSRF (Cross-Site Request Forgery) is a kind of web application vulnerability, using this a malevolent...
2020-12-25 02:47:18 | Views: 270
medium.com
fortified
satisfied
2nd
behaviour
Facebook bug Bounty -Finding the hidden members of the private events.
Hi All, I am Vivek. This is about a bug that I found in the Facebook private events. I reported almos...
2020-12-23 14:28:24 | Views: 196
medium.com
facebook
victim
remembered
informative
How I hacked Facebook: Part One
I never found a vulnerability on one of Facebook subdomains, and I took a look at some writeups and...
2020-12-17 14:35:29 | Views: 258
medium.com
tapprd
facebook
okay
sso
Remote Sensitive Data Exposure over *.unesco.org, thanks to Options Bleed
Catching a low-hanging juicy fruit through Options Bleed. Date reported — 02–07–2019. # Vulnerable Softw...
2020-12-17 13:43:49 | Views: 213
medium.com
unesco
kerb
bleed
seemed
Intigriti’s December XSS Challenge 2020 (unintended solution)
Mozilla warning. My idea was to somehow compile a payload in the operation variable, so it gets execut...
2020-12-15 12:10:19 | Views: 257
medium.com
num1
num2
intigriti
1220
payload
Content-Security-Policy Bypass to perform XSS
Recently, I performed a Cross Site Scripting vulnerability, however a normal XSS payload wasn’t bein...
2020-12-15 12:10:09 | Views: 226
medium.com
payload
php
countdown
attacker
security
Identifying & Exploiting SQL Injection: Manual & Automated
In this article, we will start by Identifying the SQL Injection vulnerabilities & how to exploit the...
2020-12-13 16:35:50 | Views: 238
medium.com
database
sqlmap
fig
acuart
injection
Sensitive data exposure through GitHub: A deep dive into bug ocean
Hello my hacker buddies, I hope you all are doing great. Keep finding bugs and even if you are not f...
2020-12-10 03:35:02 | Views: 202
medium.com
dorks
github
dorking
repository
anyways
Chaining vulnerabilities lead to account takeover
In this write-up, I will explain how I was able to chain five vulnerabilities that lead to one link...
2020-12-05 09:50:33 | Views: 242
medium.com
leakage
client
weird
Applying the old school hacking to bug hunting
Or, documentation + source code = knowledge, profit(?) I’m a big fan of the old school approach to ha...
2020-12-02 09:46:43 | Views: 260
medium.com
jira
ffuf
wappalyzer
slashes
pfed
The YouTube bug that allowed unlisted uploads to any channel
It was late June when I received an invitation to test out a new product from YouTube: a video build...
2020-12-01 07:37:09 | Views: 260
medium.com
youtube
6e4b
unlisted
beca
Bcrypt — Account TakeOver Due To Weak Encryption — #HR51KDB
Hey Fellas! I hope you all are doing good and safe. Thank you so much for showing your interest in m...
2020-11-29 22:08:10 | Views: 288
medium.com
otp
bcrypt
otppassword
debcrypt
ato
Testing for Directory or Path Traversal Vulnerabilities
In this article, we’ll be discussing, how to perform Directory Traversal or Path Traversal attacks,...
2020-11-29 20:06:26 | Views: 326
medium.com
windows
testsite
sequences
slash
attacker
Reflected Cross Site Scripting on Private Program (Bounty:750$)
Hi guys, this is my first English write-up, so I’m sorry for my bad English grammar. Obviously, I dis...
2020-11-27 16:03:12 | Views: 271
medium.com
sorry
exploring
payload
blur
guys
Beginners Guide: VPS Setup for Bug Bounty Recon Automation
Hello, All. My name is Ranjan. I am a final year CS undergrad and a part-time bug bounty hunter. Due...
2020-11-25 19:22:28 | Views: 400
medium.com
ssh
cloud
username
bothra