Old but GOLD Dot Dot Slash to Get the Flag — Uber Microservice – Ron Chan
Uber is built on a bunch of microservices. Naturally, if you want to interact with a microservice, you may want to use some REST APIs to…
INTERVIEW w @SherlockSecure : TOP 15 on GITHUB | TOP 400 on BC | APPROACH, MINDSET & MORE…
Introduction This write-up is about hacking the Razer Pay Android app – an E-Wallet app used in Singapore and Malaysia. It was an interesting journey…
I’ve been using ChatGPT for lots of hacking or engineering tasks. It’s extremely useful and much faster than executing on similar tasks without it. The…
Automating Permission Checks Using OpenAPI Security Scanner?
This is a review of the Advanced Web Attacks and Exploitation (WEB-300) course and its OSWE exam by Offensive-Security. I’ve taken this course because I…
Broken Access Control – Lab #7 User ID controlled by request parameter | Long Version
Dangerous Code Hidden in Plain Sight for 12 years
The Story [EDIT 26/04/22] – I added a note on my personal conclusion about Amass with a note from a conversation with Caffix about why…
Gareth Heyes | 13 March 2023 at 15:00 UTC We recently published some research on server-side prototype pollution where we went into detail on techniques…
tldr; A Private Bug Bounty Program had a globally readable .htpasswd file. I cracked the DES hash, got access to development and staging environments and…
Open Source Hacking Lab | Guide on File Inclusion Vulnerability and Path Traversal Attack in PHP