Mix

Two solutions for the January 2021 Initigriti XSS Challenge

Cybernoz

March 20, 2023 1 min read

Share X / Twitter LinkedIn Reddit WhatsApp Email

Two solutions for the January 2021 Initigriti XSS Challenge

Source link

Share X / Twitter LinkedIn Reddit WhatsApp Email

« Previous
Google Pixel flaw allowed recovery of redacted, cropped images

Next »
Google Project Zero issues vulnerability alert on Samsung Exynos Modems

All Mix →

Mix

JNDI Injection Remote Code Execution via Path Manipulation in MemoryUserDatabaseFactory

In this blog post, I’m going to describe a relative new vector to achieve remote code execution via a JNDI Injection that I found independently…

July 22, 2024 Cybernoz 7 min read

Mix

Happiness: Creation vs. Collection | Daniel Miessler

I have an observation that I’ve been mulling for the last few days: unhealthy people collect things. Healthy people create things. Naturally, statements like these…

April 15, 2025 Cybernoz 2 min read

Mix

Bug Bytes #195 – LastPass discovery, learning to code, and a complete guide to SSRF

Bug Bytes is a weekly newsletter curated by members of the bug bounty community. The second series is curated by InsiderPhD. Every week, she keeps…

March 18, 2023 Cybernoz 1 min read

Mix

Get as image function pulls any Insights/NRQL data from any New Relic account (IDOR)

This writeup walks you through the full process as to how I found a pretty bad Insecure Direct Object Reference (IDOR) in New Relic. In…

March 19, 2023 Cybernoz 4 min read

Mix

Retail Under Attack: 6 Learnings from a Retail Customer

Table of Contents 1. Retail and E-commerce Are Prone to Credential-based Attacks 2. Utilize Security Best Practices 3. How to Measure Bug Bounty ROI 4.…

August 23, 2024 Cybernoz 4 min read

Mix

The Different Types Of Bug Bounty Hunters

The Different Types Of Bug Bounty Hunters Source link

April 12, 2023 Cybernoz 1 min read

Latest Posts

What the industrialization of exploitation means for defenders
Threat Advisory: Hackers Are Exploiting CVE-2021-40444
US charges Google security engineer with Polymarket insider trading
Palo Alto Networks PAN-OS Authentication Vulnerability Bypass Exploited in the Wild
Trusted Dev Tools Abused to Steal Code and Secrets

Agbi
ArsTechnica
AttackDefense
Australiancybersecuritymagazine
Bankinfosecurity
Bleeping Computer
CISOOnline
CloudSecurity
ComputerWeekly
Crowdstrike
Cyber Security Ventures
CyberDefenseMagazine
CyberNews
Cyberscoop
CyberSecurity-Insiders
CyberSecurityDive
CyberSecurityNews
CyberWire
DarkReading
ExploitOne
GBHackers
Genel
HackerCombat
HackRead
HelpnetSecurity
IndustrialCyber
InfoSecurity
ITnews
ITSecurityGuru
Krebson
MalwareBytes
Mix
OTSecurity
PortSwigger
Rapid7
SCMP
securelist
Securityaffairs
SecurityWeek
techcrunch
TheCyberExpress
TheHackerNews
ThreatIntelligence-IncidentResponse
Tldrsec
Unit42
VendorResearch
welivesecurity
Wired
Zerosalarium

Related Articles