Easily leaking passenger information on an Airline | by Sean (zseano)
This post is going to outline how I simply applied my methodology and managed to find multiple vulnerabilities leaking airline passenger information on a YesWeHack…
This post is going to outline how I simply applied my methodology and managed to find multiple vulnerabilities leaking airline passenger information on a YesWeHack…
Proof of concept Are you aware of any (private) bug bounty programs? I would love to get an invite. Please get in touch with me:…
BOUNTY THURSDAYS – LIVE #1 (SVG-XML/Redirects/OOB servers and Community Questions) Source link
Late last year, I was invited to Facebook’s Bountycon event, which is an invitation-only application security conference with a live-hacking segment. Although participants could submit…
A few weekends ago, I decided (because apparently I’m a masochist) that I was tired of the free version of ESXi running my home lab…
This post is another evidence to show how difficult to parse a URL correctly. IE has URL parsing problem, this idea is originated from Sergey Bobrov.…
No BS Guide – Better Subdomain Enumeration Source link
A collection of AI-generated Hacker Cats If you want to see an image in full resolution, you can right click on the image and select…
What’s the shortest domain? | Unicode Hacking & Tricks Source link
Broken Access Control – Lab #6 Method-based access control can be circumvented | Short Version Source link
Insecure Deserialization Attack Explained Source link
Matt Atkinson | 27 October 2022 at 13:03 UTC Introducing Dastardly – a free, lightweight web application security scanner for your CI/CD pipeline, from the…