Hacking CI/CD (Basic Pipeline Poisoning)
Hacking CI/CD (Basic Pipeline Poisoning) Source link
Category: Mix
ToolTime – Cloud Recon 1
ToolTime – Cloud Recon 1 Source link
Framing, Part 1: Click-Jacking Etsy – Jack
Back in October, I found a couple of issues in Etsy, which when combined could be used in a click-jacking attack. Incorrect Error Handling Pretty…
Bug bounty and the EU Cyber Resilience Act – everything you need to know
The EU Cyber Resilience Act aims to protect Europe from increasingly sophisticated cyber-threats. The first quarter of 2023 has seen significant cybersecurity legislation coming out…
limited freemarker ssti to arbitrary liql query and manage lithium cms | by mert tasci | Mar, 2023
we faced (w/ @celalerdik) an interesting ssti vulnerability on a bugcrowd’s program. we could show the traditional 49’ number when trying the ‘${7*7}’ command, also…
Advent of Cyber 2022: Day 16 SQLi’s the king, the carolers sing (Walkthrough)
Advent of Cyber 2022: Day 16 SQLi’s the king, the carolers sing (Walkthrough) Source link
How They Got Hacked Episode Fifty Eight 58
How They Got Hacked Episode Fifty Eight 58 Source link
yet another Bug Bounty Reconnaissance Framework – honoki
An example use case of bbrf, here integrating with subfinder from projectdiscovery.io Like anyone involved in bug bounty hunting, I have encountered a number of…
Finding security vulnerabilities with GitHub’s new code search
Finding security vulnerabilities with GitHub’s new code search Source link
Elixir Cheatsheet
1 min read 💎 Cullinan :: Develop Elixir Cheatsheet HAHWUL in cullinan Source link
Let’s Recon With Vaibhav | Hacker2Hacker | #osint #bugbounty
Let’s Recon With Vaibhav | Hacker2Hacker | #osint #bugbounty Source link
Leveraging Bug Bounties for Your Career | Panel
Leveraging Bug Bounties for Your Career | Panel Source link