Q: HOW do you get started in bug bounty?? How do you build your automation?!
Q: HOW do you get started in bug bounty?? How do you build your automation?! Source link
Read more →Category: Mix
Down the Rabbit Hole: Unusual Applications of OpenAI in Cybersecurity Tooling
Note: This is the blogpost version of a talk I gave to the National University of Singapore Greyhats club. If...
Read more →
Abusing URL Shortners to discover sensitive resources or assets
September 22, 2015 · websec bruteforce As of late, a fair few companies and startups have been using dedicated URL...
Read more →
Discovering a stored XSS that affects over 900k websites (CVE-2016-9751)
In my free time when I’m not hunting for bugs in paid programs, I like to contribute a bit to...
Read more →
Exploiting Null Byte Buffer Overflow for a ,000 bounty
As a preface, when I originally found this bug I was unfamiliar the class of “null byte buffer overflow” even...
Read more →
Thotcon 2018 – Fun With LDAP, Kerberos (and MSRPC) in AD Environments
Slides Supplemental The original (large) PowerPoint wih all embedded GIFs/Videos: https://1drv.ms/p/s!Aq5mEA03Lijrg9h-hsezBkUC5qwXag Source link
Read more →
One More Thing to Check for SSO – Flickr ATO – Ron Chan
I have something that is worth sharing when you are testing for SSO system. Hope you can learn something new...
Read more →
No BS Guide – ADVANCED BURP (FREE) TRICKS FOR BUG BOUNTY
No BS Guide – ADVANCED BURP (FREE) TRICKS FOR BUG BOUNTY Source link
Read more →
Payment bypass via parameter tampering
I was recently testing a checkout payment system. It was the type of setup where everything seemed to be locked...
Read more →
How to get setup to create awesome AI art · rez0
Generating hacker art via AI has been a passion of mine for a few months. I was accepted into DALL·E...
Read more →
Finding DOMXSS with DevTools | Untrusted Types Chrome Extension
Finding DOMXSS with DevTools | Untrusted Types Chrome Extension Source link
Read more →
About a Sucuri RCE…and How Not to Handle Bug Bounty Reports – RCE Security
TL;DR Sucuri is a self-proclaimed “most recommended website security service among web professionals” offering protection, monitoring and malware removal services....
Read more →