unSafe.sh - 不安全
我的收藏
今日热榜
公众号文章
导航
Github CVE
Github Tools
编码/解码
文件传输
Twitter Bot
Telegram Bot
Rss
黑夜模式
Hacking BugPoc’s 18 Game (XSS challenge) hosted by The XXS rat
Why does my title say “Hacking” when it’s just an XSS challenge? Because I didn’t solve the challeng...
2021-01-21 18:19:16 | 阅读: 247 |
收藏
|
medium.com
pile
winning
bugpoc
clicked
opener
Site Defacement and Denial of Service via. Cross-Site Scripting
Bypassing regex filtering in an Oracle product“Cross-site scripting (XSS) is perhaps the most well-k...
2021-01-21 05:40:37 | 阅读: 247 |
收藏
|
medium.com
payload
ans
client
submission
[Bug Bounty] 600$ Info Disclosure: a token is not the same on all endpoints
Hi y'all guys, I haven’t been writing for a long time as I focused more on bounties. Wanted to share...
2021-01-19 12:50:58 | 阅读: 224 |
收藏
|
medium.com
2323
backup
bypass
Exploiting Error Based SQL Injections & Bypassing Restrictions
In this article, we will be learning how to escalate attacks when we are stuck with Error Based SQL...
2021-01-19 12:42:59 | 阅读: 443 |
收藏
|
medium.com
database
injection
0aselect
2a
53elect
Guide to Bypassing MFA in 2020
As more applications and resources move to the cloud, organization’s are requiring multi-factor auth...
2021-01-13 05:37:14 | 阅读: 277 |
收藏
|
medium.com
bypass
security
bypassing
client
microsoft
eCPPTv2 Exam Review
The penetration Testing domain has grown exponentially in the last couple of years and so the compet...
2021-01-13 02:34:48 | 阅读: 687 |
收藏
|
medium.com
pivoting
overflow
boxes
remote
Finding bugs on Chess.com
Finding vulnerabilities on the Chess.comHi hunters and folks, I’m a chess lover and almost use Chess...
2021-01-08 21:25:06 | 阅读: 317 |
收藏
|
medium.com
chess
captcha
disconnect
hcaptcha
solving
Hack crypto secrets from heap memory to exploit Android application
Typically, There was no significant impact (in general the severity is low) for a Broken Cryptograph...
2021-01-08 21:24:56 | 阅读: 266 |
收藏
|
medium.com
hprof
mat
memory
encryption
heapdump
Yes. The Program Owner is correct at their place.
Harsh Bothra·1 hour agoYes. The Program Owner is correct at their place. The issue described in this...
2021-01-07 19:12:18 | 阅读: 214 |
收藏
|
medium.com
victim
agoyes
bothra
talks
The type of recon that you may skip on purpose, but this is why you shouldn’t
, or why being too quick can lead to a false positiveI have a theory that this probably affects more...
2021-01-02 18:31:14 | 阅读: 240 |
收藏
|
medium.com
patience
buttons
reasonable
worry
burp
Facebook bug bounty (500 USD) : A blocked fundraiser organizer would be unable to view or remove…
Hi All,This is a simple logical issue which I found in Facebook fundraiser feature. The blocking fea...
2021-01-01 05:53:25 | 阅读: 218 |
收藏
|
medium.com
victim
fundraiser
attacker
organizer
facebook
Breaking the Internet with Shodan: We love P1s!
Hi my fellow hackers, my buddies! Welcome to my new blog! We are here, ending the year which we badl...
2020-12-31 21:35:54 | 阅读: 270 |
收藏
|
medium.com
dorks
kibana
ton
putting
dorking
Finding The Origin IP Behind CDNs
Hello guys, It’s HolyBugx I started writing this after this tweet, as I saw many interested people w...
2020-12-31 06:22:25 | 阅读: 235 |
收藏
|
medium.com
historical
favicon
attackers
security
defenders
How I exploit the JSON CSRF with method override technique
CSRF(Cross-Site Request Forgery) is a kind of web application vulnerability, using this a malevolent...
2020-12-25 02:47:18 | 阅读: 270 |
收藏
|
medium.com
fortified
satisfied
2nd
behaviour
Facebook bug Bounty -Finding the hidden members of the private events.
Hi All,I am Vivek. This is about a bug that I found in the Facebook private events. I reported almos...
2020-12-23 14:28:24 | 阅读: 196 |
收藏
|
medium.com
facebook
victim
remembered
informative
How I hacked Facebook: Part One
I never found a vulnerability on one of Facebook subdomains, and I took a look at some writeups and...
2020-12-17 14:35:29 | 阅读: 258 |
收藏
|
medium.com
tapprd
facebook
okay
sso
Remote Sensitive Data Exposure over *.unesco.org, thanks to Options Bleed
Catching a low-hanging juicy fruit through Options BleedDate reported — 02–07–2019# Vulnerable Softw...
2020-12-17 13:43:49 | 阅读: 216 |
收藏
|
medium.com
unesco
kerb
bleed
seemed
Intigriti’s December XSS Challenge 2020 (unintended solution)
Mozilla warningMy idea was to somehow compile a payload in the operation variable, so it gets execut...
2020-12-15 12:10:19 | 阅读: 260 |
收藏
|
medium.com
num1
num2
intigriti
1220
payload
Content-Security-Policy Bypass to perform XSS
Recently, I performed a Cross Site Scripting vulnerability, however a normal XSS payload wasn’t bein...
2020-12-15 12:10:09 | 阅读: 226 |
收藏
|
medium.com
payload
php
countdown
attacker
security
Identifying & Exploiting SQL Injection: Manual & Automated
In this article, we will start by Identifying the SQL Injection vulnerabilities & how to exploit the...
2020-12-13 16:35:50 | 阅读: 240 |
收藏
|
medium.com
database
sqlmap
fig
acuart
injection
Previous
5
6
7
8
9
10
11
12
Next