Authorization bypass due to cache misconfiguration
https://medium.com/@rikeshbaniya/authorization-bypass-due-to-cache-misconfiguration-fde8b2332d2d
RCE on Xiaomi 13 Pro (CVE-2023-26324)
👉Exploitation:
1) Open URL in WebView
2) Inject JavaScript
3) Execute JavaScript Interface functions from vulnerable GetApps to install & launch payload
4) Get shell
👉Slides with PoC: https://media.defcon.org/DEF%20CON%2032/DEF%20CON%2032%20presentations/DEF%20CON%2032%20-%20Ken%20Gannon%20Ilyes%20Beghdadi%20-%20Xiaomi%20The%20Money%20Our%20Toronto%20Pwn2Own%20Exploit%20and%20Behind%20The%20Scenes%20Story.pdf
SSRFing the Web with the help of Copilot Studio
https://www.tenable.com/blog/ssrfing-the-web-with-the-help-of-copilot-studio
Discovering a Session Persistence Vulnerability That Led to a $$$$ Bounty
https://anonysm.medium.com/discovering-a-session-persistence-vulnerability-225e4b38e605
NIST CSF 2.0 and Pentesting: What You Need to Know
https://www.hackerone.com/security-compliance/nist-csf-pentesting
Walkthrough of CVE-2023-7028 - Account Takeover via Password Reset
https://youtu.be/ydg95R2QKwM?si=67uHSktsboqAoNft
CVE-2024-7646: Ingress-NGINX Annotation Validation Bypass
https://www.armosec.io/blog/cve-2024-7646-ingress-nginx-annotation-validation-bypass/
XSS via CSPT and Open Redirect - Solution to August '24 Challenge (Defcon)
https://www.youtube.com/watch?v=yGRRGUtT9MU
Creating a Malicious Atlassian Plugin
https://cyllective.com/blog/posts/atlassian-malicious-plugin
Apply "display: block" to script tags to view them like p tags!
https://www.youtube.com/watch?v=aOA53HXsyVk
Breaking the Barrier: Admin Panel Takeover Worth $3500
https://medium.com/@noob.assassin/breaking-the-barrier-admin-panel-takeover-worth-3500-78da79089ca3
Security Code Review: Finding XML vulnerabilities in Code [1/2]
https://www.muqsitbaig.com/blog/security-code-review-finding-xxes-in-code/
3 Bug Bounty Lessons From Retail & eCommerce Customers
https://www.hackerone.com/customer-stories/retail-ecommerce-lessons
Gitxray: a security X-Ray for GitHub repositories
https://blog.kulkan.com/gitxray-a-security-x-ray-for-github-repositories-af8322350db4
HackerOne Company Values Matter: Execute with Excellence
https://www.hackerone.com/culture-and-talent/hackerone-company-values-matter-execute-excellence
We wrote the code, and the code won
https://blog.trailofbits.com/2024/08/15/we-wrote-the-code-and-the-code-won/
GitHub - ahussam/url-tracker: Change monitoring app that checks the content of web pages in different periods.
https://github.com/ahussam/url-tracker
Security Flaws in Privilege Downgrades: How Users Can Exploit API Keys and Privilege escalation
https://medium.com/@Az3m/security-flaws-in-privilege-downgrades-how-users-can-exploit-api-keys-and-privilege-escalation-886b37c2344d
Exploiting HuggingFace’s Assistants to Extract Users’ Data
https://www.lasso.security/blog/exploiting-huggingfaces-assistants-to-extract-users-data
Latest Nuclei Release v3.3.1!
https://github.com/projectdiscovery/nuclei/releases/tag/v3.3.1
Hack My Career: Advice from HackerOne Employees
https://www.hackerone.com/culture-and-talent/hack-my-career-advice-hackerone-employees
Mixing watering hole attacks with history leak via CSS
https://adepts.of0x.cc/css-history-leaks/
HackerOne's List of Top 10 AI EMB(arrassments)
https://www.hackerone.com/ai/top-10-ai-embarrassments
We are bug bounty hunters. #bugbounty #hacking
https://www.youtube.com/watch?v=Xsg7IwWbRZ8
Gotta cache 'em all: bending the rules of web cache exploitation
https://portswigger.net/research/gotta-cache-em-all
Keeping your Android device safe from text message fraud
http://security.googleblog.com/2024/08/keeping-your-android-device-safe-from.html
How I got my first $13500 bounty through Parameter Polluting (HPP)
https://medium.com/bugbountywriteup/how-i-got-my-first-13500-bounty-through-parameter-polluting-hpp-179666b8e8bb