Category: Mix

Tweet DNS Tools
15
Mar
2023

DNS Tools Comparison

The Story [EDIT 26/04/22] – I added a note on my personal conclusion about Amass with a note from a…

Server-Side Prototype Pollution Scanner | Blog
15
Mar
2023

Server-Side Prototype Pollution Scanner | Blog

Gareth Heyes | 13 March 2023 at 15:00 UTC We recently published some research on server-side prototype pollution where we…

Ohne Titel
15
Mar
2023

[BugBounty] Decoding a $😱,000.00 htpasswd bounty

tldr; A Private Bug Bounty Program had a globally readable .htpasswd file. I cracked the DES hash, got access to…

Open Source Hacking Lab | Guide on File Inclusion Vulnerability and Path Traversal Attack in PHP
15
Mar
2023

Open Source Hacking Lab | Guide on File Inclusion Vulnerability and Path Traversal Attack in PHP

Open Source Hacking Lab | Guide on File Inclusion Vulnerability and Path Traversal Attack in PHP Source link

Does Cybersecurity Require Programming?
15
Mar
2023

Does Cybersecurity Require Programming?

Does Cybersecurity Require Programming? Source link

UMBC Cyberdawgs CTF: The Hacker One
15
Mar
2023

UMBC Cyberdawgs CTF: The Hacker One

UMBC Cyberdawgs CTF: The Hacker One Source link

Bypassing a WAF by Finding the Origin IP
15
Mar
2023

Bypassing a WAF by Finding the Origin IP

Bypassing a WAF by Finding the Origin IP Source link

Attacking Language Server JSON RPC
15
Mar
2023

Attacking Language Server JSON RPC

Attacking Language Server JSON RPC Source link

A look back at 2021
15
Mar
2023

A look back at 2021

It has become a tradition that I publish a review at the end of each year. Unlike previous years I…

Hacking CI/CD (Basic Pipeline Poisoning)
15
Mar
2023

Hacking CI/CD (Basic Pipeline Poisoning)

Hacking CI/CD (Basic Pipeline Poisoning) Source link

ToolTime - Cloud Recon 1
15
Mar
2023

ToolTime – Cloud Recon 1

ToolTime – Cloud Recon 1 Source link

15
Mar
2023

Framing, Part 1: Click-Jacking Etsy – Jack

Back in October, I found a couple of issues in Etsy, which when combined could be used in a click-jacking…