OWASP Chicago 2018 – Pentesting with Serverless Infrastructure
Slides Supplemental Serverless Toolkit available here: https://github.com/ropnop/serverless_toolkit Source link
Category: Mix
The Mystery of postMessage – Ron Chan
From time to time we see postMessage bug in H1 hacktivity, some write ups mentioning the word postMessage, but do you really know what is…
INTERVIEW WITH @_BASE_64 : 19 Y/o | TOP 150 WORLDWIDE on H1 | METHODOLOGY, MINDSET & MORE…
INTERVIEW WITH @_BASE_64 : 19 Y/o | TOP 150 WORLDWIDE on H1 | METHODOLOGY, MINDSET & MORE… Source link
Enumerating hard to guess AD username format
I quite enjoy external Pentest, especially when the scope is large. There has been some really interesting stuff I have found in the past but…
Tips and Scripts from a Hacker Dad · rez0
As a hacker and bug bounty hunter, I spend a lot of my time optimizing and improving. So, as a father of three, I work…
Cookie Tossing
Cookie Tossing Source link
Smuggling an (Un)exploitable XSS – RCE Security
This is the story about how I’ve chained a seemingly uninteresting request smuggling vulnerability with an even more uninteresting header-based XSS to redirect network-internal web…
Broken Access Control – Lab #8 UID controlled by parameter, with unpredictable UIDs | Short Version
Broken Access Control – Lab #8 UID controlled by parameter, with unpredictable UIDs | Short Version Source link
When You Use One Wrong Javascript Module
When You Use One Wrong Javascript Module Source link
Basic recon to RCE II
I originally wanted to name this article “The RCE that everyone missed”, but since it was too “clickbait”, this is the title you see now.…
Packetlabs Ltd delivers advanced testing capabilities with Burp Suite Certified Practitioners | Blog
Emma Stocks | 27 January 2023 at 11:11 UTC We launched the Burp Suite Certified Practitioner (BSCP) certification at the end of 2021 due to…
[Research] Phishermans Friend – Getting control over a phishing backend
Dear Readers, once in a while I enjoy blogging about things unrelated to bug bounties. And so, as it happens, on a quiet Thursday night…