Category: Mix

Deserialization in Perl v5.8 | Agarri : Sécurité informatique offensive
13 Mar 2023

During a pentest, I found an application containing a form with a hidden parameter named “state”….

Predictions for 2023 from Latest API Threat Research
13 Mar 2023

March has arrived and is roaring like a very confused lion, at least in the northern hemisphere. And much like…

Scanning for hardcoded secrets in source code | Security Simplified
13 Mar 2023

Clip: Subnets and Subnet Masks
13 Mar 2023

[tl;dr sec] #171 - AppSec and CloudSec Resilience, Audit Logs Wall of Shame, Compromised Cloud to Kubernetes Takeover
13 Mar 2023

Hey there, I hope you’ve been doing well! Bingo with Flair 97% of Bingo games in America happen in a…

Interview with a bounty hunter - "I made 10k$!" - Virdoex_Hunter
13 Mar 2023

information disclosure of another company bug on video.
13 Mar 2023

HackerOne disclosed a bug submitted by manish_adz: https://hackerone.com/reports/1886143 – Bounty: $500

Instagram App Access Token - These aren't the access_tokens you're looking for
13 Mar 2023

In Facebook Graph API as defined by the developer documentation, there are several access tokens, to authenticate against various API…

Build, Break, and Hack WebSockets
13 Mar 2023

Is Apple deliberately killing our batteries?
13 Mar 2023

Finding XSS on .apple.com and building a proof of concept to leak your PII information | by Sean (zseano)
13 Mar 2023

Back in February of this year I hacked with members of BugBountyHunter.com on a public bug bounty program and we…

Blind SQL Injection at fasteditor.hema.com | by Jonathan Bouman
12 Mar 2023

Proof of concept. The username of the database user starts with ‘hema’. Background: These days almost every website uses a database….