Category: Mix

How to disable data persistence on Ubuntu using overlayroot
28 Mar 2023

We’re back! BugBountyNotes relaunched as BugBountyHunter.com | by Sean (zseano)
28 Mar 2023

Hi there! What a year it’s been, right?! Let’s not mention the C word… it’s lockdown in 2 hours here in…

Leaked Salesforce API access token at IKEA.com | by Jonathan Bouman
27 Mar 2023

Proof of concept. Background: Previously we discussed a Local File Inclusion bug at IKEA.com, the bug was quite complicated and showed…

Attacks on Applications of K-Anonymity — For the Rest of Us | by d0nut
27 Mar 2023

Three weeks ago I saw a blog post by fellow bug hunter, Jack Cable. The post both inspired and challenged…

Q: HOW do you find hidden stuff on websites? (this episode is all about CONTENT DISCOVERY!)
27 Mar 2023

Spaceraccoon New Year
27 Mar 2023

2Q21: New Year’s Reflections

Wishing you and your loved ones a very happy new year!

Using ngrok to proxy internal servers in restrictive environments
27 Mar 2023

November 18, 2015 · security, ngrok, pentesting · When gaining shell access to a machine on a network, a promising attack…

Penetrating PornHub - XSS vulns galore (plus a cool shirt!)
27 Mar 2023

When PornHub launched their public bug bounty program, I was pretty sure that most of the low hanging fruits of…

Abusing HTTP Path Normalization and Cache Poisoning to steal Rocket League accounts | Sam Curry
27 Mar 2023

Over the last few years, usage of vulnerability disclosure and bug bounty programs has increased significantly. It is now almost…

Extracting SSH Private Keys From Windows 10 ssh-agent
27 Mar 2023

This weekend I installed the Windows 10 Spring Update, and was pretty excited to start playing with the new, builtin…

1k Per Day Challenge — Earning 30k in 30 Days – Ron Chan
27 Mar 2023

It starts with this tweet. Since money is one of the best ways to keep hunters motivated, going after a difficult…

INTERVIEW WITH @H13- : #1 BUG BOUNTY HUNTER ON SHOPIFY | METHODOLOGY, MISTAKES, TIPS & MORE...
27 Mar 2023
