unSafe.sh - Unsafe
A Tale of 2nd $xxx Bounty | Ability to Gain Persistence on Facebook Events as an unremovable…
Ability to Gain Persistence on Facebook Events as an unremovable co-host. This writeup describes a bu...
2021-02-10 11:31:56 | Reads: 223 | medium.com
facebook
eventone
usertwo
pagetwo
malicious
Dangling DNS: AWS EC2
Oct 3rd, 2019 Asset: Private Program #1 (*.example.com) Report: Details: I began with enumerating subdom...
2021-02-10 03:32:12 | Reads: 258 | medium.com
dangling
ec2
subdomain
2019asset
fig
TCS HackQuest Season 5 - First Round CTF Write-up
TCS HackQuest Season 5. TCS HackQuest Season 5 is an ongoing CTF competition conducted by TCS Company...
2021-02-07 02:13:11 | Reads: 333 | medium.com
hq5
competition
hackquest
php
Hacking Organizations One Document at a Time With Metadata
Metadata is simply defined as data about data. In computer systems, this is used to correctly interp...
2021-02-03 22:41:46 | Reads: 224 | medium.com
client
software
leveraged
removal
security
Intigriti’s January XSS Challenge
Introduction. Explaining the code. Initial ideas and method of solving. The solution. As always, I started w...
2021-02-02 19:13:33 | Reads: 233 | medium.com
inject
intigriti
0121
subdomain
0aid
How I chained P4 To P2 [Open Redirection To Full Account Takeover]
Hello everyone, I hope you are doing good. After a very long time I am back with a new article about...
2021-02-01 20:14:32 | Reads: 241 | medium.com
bugcrowd
redirecturl
injection
redirection
security
OTP login rate limit bypass- The easiest bug beginners could find.
Hello friends, today I am going to write about a vulnerability that may motivate some beginners who a...
2021-02-01 18:06:01 | Reads: 273 | medium.com
otp
burp
entering
exceeded
tampering
Bragging Rights(Part 1): Short story of a bug wave
Hi my fellow hacker buddies, I hope you all are doing well. We have entered in a new year (finally) a...
2021-01-31 03:02:41 | Reads: 277 | medium.com
ssrf
idor
subdomain
hardcoded
username
Let’s know How I have explored the buried secrets in React Native application
A new era in Android Reverse Engineering part-1. Thanks for the huge response to my previous write-up....
2021-01-29 05:05:41 | Reads: 286 | medium.com
reverse
apk
minified
coded
dex2jar
CRASH COURSE FOR FINDING SQL INJECTION IN WEBAPPS:PART 1
I agree manually finding SQL injection in web applications is difficult stuff and not easy to find....
2021-01-28 19:21:50 | Reads: 306 | medium.com
database
attacker
injection
username
band
Business Logic Error Methodology (easy way) + PoC-s
, or hacking the website’s functionality by editing HTML code on the fly. I have found this type of bu...
2021-01-28 14:23:37 | Reads: 229 | medium.com
figuring
buttons
deleting
lucky
soft
Get paid by smuggling, the legal way
The love story of Host Header Injection and HTTP Request Smuggling. As all of you smart and security-m...
2021-01-28 04:33:39 | Reads: 232 | medium.com
burp
security
Hacking BugPoc’s 18 Game (XSS challenge) hosted by The XXS rat
Why does my title say “Hacking” when it’s just an XSS challenge? Because I didn’t solve the challeng...
2021-01-21 18:19:16 | Reads: 244 | medium.com
pile
winning
bugpoc
clicked
opener
Site Defacement and Denial of Service via. Cross-Site Scripting
Bypassing regex filtering in an Oracle product. “Cross-site scripting (XSS) is perhaps the most well-k...
2021-01-21 05:40:37 | Reads: 244 | medium.com
payload
ans
client
submission
[Bug Bounty] 600$ Info Disclosure: a token is not the same on all endpoints
Hi y'all guys, I haven’t been writing for a long time as I focused more on bounties. Wanted to share...
2021-01-19 12:50:58 | Reads: 219 | medium.com
2323
backup
bypass
Exploiting Error Based SQL Injections & Bypassing Restrictions
In this article, we will be learning how to escalate attacks when we are stuck with Error Based SQL...
2021-01-19 12:42:59 | Reads: 437 | medium.com
database
injection
0aselect
2a
53elect
Guide to Bypassing MFA in 2020
As more applications and resources move to the cloud, organizations are requiring multi-factor auth...
2021-01-13 05:37:14 | Reads: 272 | medium.com
bypass
security
bypassing
client
microsoft
eCPPTv2 Exam Review
The penetration Testing domain has grown exponentially in the last couple of years and so the compet...
2021-01-13 02:34:48 | Reads: 675 | medium.com
pivoting
overflow
boxes
remote
Finding bugs on Chess.com
Finding vulnerabilities on the Chess.com. Hi hunters and folks, I’m a chess lover and almost use Chess...
2021-01-08 21:25:06 | Reads: 312 | medium.com
chess
captcha
disconnect
hcaptcha
solving
Hack crypto secrets from heap memory to exploit Android application
Typically, there was no significant impact (in general the severity is low) for a Broken Cryptograph...
2021-01-08 21:24:56 | Reads: 262 | medium.com
hprof
mat
memory
encryption
heapdump