The Mystery of postMessage – Ron Chan
From time to time we see postMessage bug in H1 hacktivity, some write ups mentioning the word postMessage, but do...
Read more →Category: Mix
INTERVIEW WITH @_BASE_64 : 19 Y/o | TOP 150 WORLDWIDE on H1 | METHODOLOGY, MINDSET & MORE…
INTERVIEW WITH @_BASE_64 : 19 Y/o | TOP 150 WORLDWIDE on H1 | METHODOLOGY, MINDSET & MORE… Source link
Read more →
Enumerating hard to guess AD username format
I quite enjoy external Pentest, especially when the scope is large. There has been some really interesting stuff I have...
Read more →
Tips and Scripts from a Hacker Dad · rez0
As a hacker and bug bounty hunter, I spend a lot of my time optimizing and improving. So, as a...
Read more →
Smuggling an (Un)exploitable XSS – RCE Security
This is the story about how I’ve chained a seemingly uninteresting request smuggling vulnerability with an even more uninteresting header-based...
Read more →
Broken Access Control – Lab #8 UID controlled by parameter, with unpredictable UIDs | Short Version
Broken Access Control – Lab #8 UID controlled by parameter, with unpredictable UIDs | Short Version Source link
Read more →
When You Use One Wrong Javascript Module
When You Use One Wrong Javascript Module Source link
Read more →
Basic recon to RCE II
I originally wanted to name this article “The RCE that everyone missed”, but since it was too “clickbait”, this is...
Read more →
Packetlabs Ltd delivers advanced testing capabilities with Burp Suite Certified Practitioners | Blog
Emma Stocks | 27 January 2023 at 11:11 UTC We launched the Burp Suite Certified Practitioner (BSCP) certification at the...
Read more →![[Research] Phishermans Friend – Getting control over a phishing backend](https://cybernoz.com/wp-content/uploads/2023/03/Research-phishermans-friend--getting-control-over-a-phishing-backend.jpg "[Research] Phishermans Friend – Getting control over a phishing backend 18")
[Research] Phishermans Friend – Getting control over a phishing backend
Dear Readers, once in a while I enjoy blogging about things unrelated to bug bounties. And so, as it happens,...
Read more →
How to Hunt for Zip Slip Exploits in Open Source Bug Bounty | huntr.dev #methodology
How to Hunt for Zip Slip Exploits in Open Source Bug Bounty | huntr.dev #methodology Source link
Read more →