thebugbountyhunter | Unsorted

Telegram-канал thebugbountyhunter - The Bug Bounty Hunter

43247

Happy hunting! thebugbountyhunter.com hello@thebugbountyhunter.com

Subscribe to a channel

The Bug Bounty Hunter

Non-Intrusive Web Recon: Techniques from Chrome DevTools Recorder

https://flatt.tech/research/posts/non-intrusive-web-recon-techniques-from-chrome-devtools-recorder/

Читать полностью…

The Bug Bounty Hunter

The Top 10 Data Breaches of 2024

https://www.intigriti.com/blog/business-insights/the-top-10-data-breaches-of-2024

Читать полностью…

The Bug Bounty Hunter

How I Discovered Private Programs and New Programs Set to Launch on HackerOne

hossam_hamada/how-i-discovered-private-programs-and-new-programs-set-to-launch-on-hackerone-a85117a70d7b" rel="nofollow">https://medium.com/@hossam_hamada/how-i-discovered-private-programs-and-new-programs-set-to-launch-on-hackerone-a85117a70d7b

Читать полностью…

The Bug Bounty Hunter

Pentesting for Internal Networks

https://www.hackerone.com/penetration-testing/internal-network-pentests

Читать полностью…

The Bug Bounty Hunter

Testing JavaScript files for bug bounty hunters

https://www.intigriti.com/researchers/blog/hacking-tools/testing-javascript-files-for-bug-bounty-hunters

Читать полностью…

The Bug Bounty Hunter

CVE-2024-44825 - Invesalius Arbitrary File Write and Directory Traversal

https://www.partywave.site/show/research/CVE-2024-44825%20-%20Invesalius%20Arbitrary%20File%20Write%20and%20Directory%20Traversal

Читать полностью…

The Bug Bounty Hunter

Latest ReconFTW Release v2.9.1!

https://github.com/six2dez/reconftw/releases/tag/v2.9.1

Читать полностью…

The Bug Bounty Hunter

GitHub - gwen001/gitlab-subdomains: Find subdomains on GitLab.

https://github.com/gwen001/gitlab-subdomains

Читать полностью…

The Bug Bounty Hunter

$750 Domain Hijacking Vulnerability

1-day/750-domain-hijacking-vulnerability-f6e4b4445711" rel="nofollow">https://medium.com/@1-day/750-domain-hijacking-vulnerability-f6e4b4445711

Читать полностью…

The Bug Bounty Hunter

I’m Lovin’ It: Exploiting McDonald’s APIs to hijack deliveries and order food for a penny

https://eaton-works.com/2024/12/19/mcdelivery-india-hack/

Читать полностью…

The Bug Bounty Hunter

How an obscure PHP footgun led to RCE in Craft CMS

https://www.assetnote.io/resources/research/how-an-obscure-php-footgun-led-to-rce-in-craft-cms

Читать полностью…

The Bug Bounty Hunter

How to Write Great Bug Bounty & Pentest Report (Proof of Concepts)

https://www.youtube.com/watch?v=qR_OQsRFd7g

Читать полностью…

The Bug Bounty Hunter

How To Find Broken Access Control Vulnerabilities in the Wild

https://www.hackerone.com/community/find-broken-access-control-vulnerabilities

Читать полностью…

The Bug Bounty Hunter

Authentication Bypass Vulnerability in Philips IntelliSpace Cardiovascular

https://outurnate.com/authentication-bypass-vulnerability-in-philips-intellispace-cardiovascular

Читать полностью…

The Bug Bounty Hunter

🎅 revisited patchstackapp HQ. He needs you to find more difficult vulns in #WordPress plugins and themes.

📅 When: 17-23 Dec

🛡 What: SQLi, PHP Object Injection, Insecure Deserialization

📊 CVSS: 7.0+

📈 Installs: 50+

🎁 $4700 bounty pool

Читать полностью…

The Bug Bounty Hunter

Top 3 Bugs from the ThunderNFT Invite Only Program

https://medium.com/immunefi/top-3-bugs-from-the-thundernft-invite-only-program-373da9824cc9

Читать полностью…

The Bug Bounty Hunter

The Recruitment Process: What to Expect When You Apply at HackerOne

https://www.hackerone.com/culture-and-talent/recruitment-process-what-expect-when-you-apply-hackerone

Читать полностью…

The Bug Bounty Hunter

Release v1.1.0 · devploit/nomore403

https://github.com/devploit/nomore403/releases/tag/v1.1.0

Читать полностью…

The Bug Bounty Hunter

PentesterLab Blog: Another JWT Algorithm Confusion Vulnerability: CVE-2024-54150

https://pentesterlab.com/blog/another-jwt-algorithm-confusion-cve-2024-54150

Читать полностью…

The Bug Bounty Hunter

Intigriti 2024 – A year in review

https://www.intigriti.com/blog/news/intigriti-2024-a-year-in-review

Читать полностью…

The Bug Bounty Hunter

Blind XXE with OOB Interaction via XML Parameter Entities

https://medium.com/the-first-digit/blind-xxe-with-oob-interaction-via-xml-parameter-entities-97244bf2b85e

Читать полностью…

The Bug Bounty Hunter

Triage: The not-so-secret hack to impactful bug bounty programs

https://www.intigriti.com/blog/business-insights/triage-the-not-so-secret-hack-to-impactful-bug-bounty-programs

Читать полностью…

The Bug Bounty Hunter

How an IDOR Vulnerability Led to User Profile Modification

https://www.hackerone.com/vulnerability-management/idor-vulnerability-deep-dive

Читать полностью…

The Bug Bounty Hunter

Team 82 Sharon Brizinov - The Live Hacking Polymath (Ep. 98)

https://www.youtube.com/watch?v=CP3FxNPXh0g

Читать полностью…

The Bug Bounty Hunter

Limitations Are Just An Illusion: Brumens on Leveraging Advanced SSTI Exploitation to Achieve RCE

https://www.youtube.com/watch?v=FVm6wYc1S6A

Читать полностью…

The Bug Bounty Hunter

Exploiting Reflected Input Via the Range Header

https://attackshipsonfi.re/p/exploiting-reflected-input-via-the

Читать полностью…

The Bug Bounty Hunter

Insecure file uploads: A complete guide to finding advanced file upload vulnerabilities

https://www.intigriti.com/researchers/blog/hacking-tools/insecure-file-uploads-a-complete-guide-to-finding-advanced-file-upload-vulnerabilities

Читать полностью…

The Bug Bounty Hunter

267 - Buggy Operating Systems Are Coming to Town

https://dayzerosec.com/podcast/267.html

Читать полностью…

The Bug Bounty Hunter

Exposing Facebook’s Hidden Goldmine: Creators’ Private Data at Risk

gtm0x01/exposing-facebooks-hidden-goldmine-creators-private-data-at-risk-01317f3f0031" rel="nofollow">https://medium.com/@gtm0x01/exposing-facebooks-hidden-goldmine-creators-private-data-at-risk-01317f3f0031

Читать полностью…

The Bug Bounty Hunter

The Full Story of CVE-2024-6386: Remote Code Execution in WPML - WPSec

https://blog.wpsec.com/the-full-story-of-cve-2024-6386-remote-code-execution-in-wpml/

Читать полностью…
Subscribe to a channel