Passcode Activity Bypass using Race Condition
An Activity is one of the Android’s component in an app. It is the screen that the user sees on a mobile app. (For example,…
Category: Mix
Everyone is wrong about Twitter · rez0
Twitter’s new fearless leader, by Midjourney AI The twittersphere has been full of hot-takes since Elon took over. Most everyone is wrong because they are…
Hacking 1Password | Episode 4 – Two Simple Bugs that Worth $3,300
Hacking 1Password | Episode 4 – Two Simple Bugs that Worth $3,300 Source link
From Quiz to Admin – Chaining Two 0-Days to Compromise An Uber WordPress – RCE Security
TL;DR While doing recon for H1-4420, I stumbled upon a WordPress blog that had a plugin enabled called SlickQuiz. Although the latest version 1.3.7.1 was…
Broken Access Control – Lab #9 UID controlled by param with data leakage in redirect | Short Version
Broken Access Control – Lab #9 UID controlled by param with data leakage in redirect | Short Version Source link
This Website has No Code, or Does it?
This Website has No Code, or Does it? Source link
Basic recon to RCE
Recently on a BugBounty program I came across my first RCE, discovered and exploited rather quickly on a solution with a vulnerability that I don’t…
Browser powered scanning 2.0 | Blog
Tom Shelton-Lefley | 15 December 2022 at 14:30 UTC It’s been two years since we unleashed browser powered scanning on the world, and we decided…
How to Hunt for Prototype Pollution Vulnerabilities in Open Source Bug Bounty | #methodology
How to Hunt for Prototype Pollution Vulnerabilities in Open Source Bug Bounty | #methodology Source link
#NahamCon2022EU: Managing a Bug Bounty Program From a Hacker’s Perspective by @0xlupin
#NahamCon2022EU: Managing a Bug Bounty Program From a Hacker’s Perspective by @0xlupin Source link
Hack the Box: How does linux work?
Hack the Box: How does linux work? Source link
Stream 00 : How to Bypass WAF for your XSS ! (OSINT Bonus) 🔥
Stream 00 : How to Bypass WAF for your XSS ! (OSINT Bonus) 🔥 Source link