Using XAMPP and Burp Intruder when scanning for subdomains to look for interesting behaviour & code | by Sean (zseano)
Do any of you use Intruder when checking out subdomains? For me personally I use a tool called “XAMPP” which...
Read more →Category: Mix
Local file inclusion at IKEA.com. A write-up about a PDF bug that allowed… | by Jonathan Bouman
Proof of concept Are you aware of any (private) bug bounty programs? I would love to get an invite. Please...
Read more →
Exfiltration via CSS Injection. Today’s topic is something that’s… | by d0nut
Today’s topic is something that’s already pretty well covered: CSS injections. I wanted to talk about my experience implementing this...
Read more →
BOUNTY THURSDAYS – LIVE #2 (NEWS/TOOLS and Community Questions with Jason Haddix)
BOUNTY THURSDAYS – LIVE #2 (NEWS/TOOLS and Community Questions with Jason Haddix) Source link
Read more →
Offensive Security Experienced Penetration Tester (OSEP) Review and Exam
In August last year, Offensive Security announced that it was retiring the long-standing Offensive Security Certified Expert (OSCE) certification and...
Read more →
Cracking my windshield and earning $10,000 on the Tesla Bug Bounty Program
One of the more interesting things I’ve had the opportunity to hack on is the Tesla Model 3. It has...
Read more →
Configuring a Pretty and Usable Terminal Emulator for WSL
I’ve been using a Mac as my daily driver for work for the last few years. While there’s nothing particularly...
Read more →![[Uber 8k Bug] Login CSRF + Open Redirect = Account Take Over – Ron Chan](https://cybernoz.com/wp-content/uploads/2023/04/Uber-8k-Bug-Login-CSRF-Open-Redirect-Account.jpg "[Uber 8k Bug] Login CSRF + Open Redirect = Account Take Over – Ron Chan 23")
[Uber 8k Bug] Login CSRF + Open Redirect = Account Take Over – Ron Chan
Have been hunting Uber bugs for quite a while, and this is my first blog post about Uber bug hunting...
Read more →
No BS Guide – Underrated Utility Tools for Bug Bounty
No BS Guide – Underrated Utility Tools for Bug Bounty Source link
Read more →
Hacker monkeys · rez0
A collection of AI-generated Hacker Monkeys If you want to see an image in full resolution, you can right click...
Read more →
Hacking with OpenAI GPT-3 | Hacking Without Humans
Hacking with OpenAI GPT-3 | Hacking Without Humans Source link
Read more →
Broken Access Control – Lab #10 User ID controlled by param with password disclosure | Long Version
Broken Access Control – Lab #10 User ID controlled by param with password disclosure | Long Version Source link
Read more →