Analysis of CVE-2019-14994 – Jira Service Desk Path Traversal leads to Massive Information Disclosure
Jira Service Desk is a help desk application that is built on top of core Jira. It allows customers to submit tickets that can be…
Category: Mix
Configuring Burp Suite With Android Nougat
This last weekend I started testing a new Android app for fun, and ran into some trouble getting Burp Suite working properly. I burned a…
Backdoor of All Flickr API Calls by XSSI – Ron Chan
After reporting the Flickr ATO fix bypass, I left Flickr for a few days and go hunt after Uber. I keep changing the target from…
INTERVIEW WITH @MR_HACKER | TOP 20 on INTIGRITI | METHODOLOGY, TIPS & TRICKS, ETC.
INTERVIEW WITH @MR_HACKER | TOP 20 on INTIGRITI | METHODOLOGY, TIPS & TRICKS, ETC. Source link
How to secure against Forced Browsing · rez0
Eliminate an entire vulnerability class from your web server in less than an hour As a hacker and bug hunter, one of my favorite bugs…
Hacking 1Password | Episode 3 – Decrypting the data without Crypto Knowledge
Hacking 1Password | Episode 3 – Decrypting the data without Crypto Knowledge Source link
Schneider Electric U.Motion Builder Remote Code Execution 0-day – RCE Security
I came across an unauthenticated Remote Code Execution vulnerability (called CVE-2018-7841) on an IoT device which was apparently using a component provided by Schneider Electric…
Broken Access Control – Lab #10 User ID controlled by param with password disclosure | Short Version
Broken Access Control – Lab #10 User ID controlled by param with password disclosure | Short Version Source link
How some functions can be Dangerous | bin 0x01
How some functions can be Dangerous | bin 0x01 Source link
My first OOB XXE exploitation
Recently on a BugBounty program I came across my first XXE, blind what’s more, as I found this case interesting I wanted to share it…
New: Burp Suite Enterprise Edition Unlimited pricing | Blog
Matt Atkinson | 30 March 2023 at 13:17 UTC More than 1,000 organizations are using Burp Suite Enterprise Edition to scale their web vulnerability scanning…
🎙️ Hacking, Open Source and Bug Bounty (Live Podcast) #2
🎙️ Hacking, Open Source and Bug Bounty (Live Podcast) #2 Source link