260 - Hardwear.IO NL, DEF CON 32, and Filesystem Exploitation
https://dayzerosec.com/podcast/260.html
Hello everyone,
I’m looking for a talented individual with full-stack expertise to join our team. Currently, I only have the frontend developed, so this role will be essential for leading the technical aspects of our project.
I'm building a new community and need someone who’s passionate about creating something impactful from the ground up. We'll work closely as a team, and we can discuss the benefits of this collaboration.
“If you want to go fast, go alone; if you want to go far, go together.”
As always, we’re open to hearing from advisors, business angels, or companies interested in collaborating with us.
Looking forward to connecting!
hello@thebugbountyhunter.com
#bugbounty #community #fullstack #startups #business
Anatomy of an LLM RCE
https://www.cyberark.com/resources/threat-research-blog/anatomy-of-an-llm-rce
Vulnerabilities of Realtek SD card reader driver, part 1
https://zwclose.github.io/2024/10/14/rtsper1.html
Anthropic Expands Their Model Safety Bug Bounty Program
https://www.hackerone.com/customer-stories/anthropic-expands-bug-bounty-program
AWS CDK Risk: Exploiting a Missing S3 Bucket Allowed Account Takeover
https://www.aquasec.com/blog/aws-cdk-risk-exploiting-a-missing-s3-bucket-allowed-account-takeover/
Intigriti CTF 2024 - 1337 UP - Live Hacking Talks
https://www.youtube.com/watch?v=BKXfrNwrcqQ
Authenticated Remote Code Execution in multiple Xerox printers
https://sec-consult.com/vulnerability-lab/advisory/authenticated-remote-code-execution-in-multiple-xerox-printers/
5 new protections on Google Messages to help keep you safe
http://security.googleblog.com/2024/10/5-new-protections-on-google-messages.html
October is Cybersecurity Month. We're removing the install count and time since the last update limits for massive cleanup 🚀
Also, if we hit 1K valid reports, we're adding an extra $100 for anyone who submits 10 reports with a 6.5+ CVSS score 🔥
Join us https://patchstack.com/bug-bounty/
Latest Nuclei Release v3.3.5!
https://github.com/projectdiscovery/nuclei/releases/tag/v3.3.5
Tips for Parents Working from Home from HackerOne Employees
https://www.hackerone.com/culture-and-talent/tips-parents-working-home-hackerone-employees
Security Page Updates: Boosting Consistency & Transparency for Security Researchers and Customers
https://www.hackerone.com/security-page-updates
Find XSS on the Fly 🔥( Full guide )
https://medium.com/@zack0x01_/find-xss-on-the-fly-full-guide-300f07fb86ae
$150,000 Evmos Vulnerability Through Reading Documentation
https://medium.com/@jjordanjjordan/150-000-evmos-vulnerability-through-reading-documentation-d26328590a7a
How Hai’s Report Summarization Turns Complex Data Into Actionable Insights
https://www.hackerone.com/ai/hai-report-summarization
Concealing payloads in URL credentials
https://portswigger.net/research/concealing-payloads-in-url-credentials
Zero to LHE in 9 Months (feat gr3pme) (Ep. 91)
https://www.youtube.com/watch?v=5WIRyMA0FfM
YesWeHack Hunter Interviews - #10 Blaklis: “I'm still a bit of a Cro-Magnon in the way I hack”
https://www.youtube.com/watch?v=D132QBUJMVQ
Using Nix to Fuzz Test a PDF Parser (Part One)
https://mtlynch.io/nix-fuzz-testing-1/
A Visual Guide to Bug Bounty Success
https://www.hackerone.com/application-security/visual-guide-bug-bounty-success
SQL Injection Polyglots / nastystereo.com
https://nastystereo.com/security/sqli-polyglots.html
Attacking APIs using JSON Injection
https://danaepp.com/attacking-apis-using-json-injection
How to build a secure recon network using Tailscale | @Bugcrowd
https://www.bugcrowd.com/blog/how-to-build-a-secure-recon-network-using-tailscale/
Use Case: Bypassing In-App Purchase By Payment Client-Side Validation
https://secfathy0x1.medium.com/use-case-bypassing-in-app-purchase-by-payment-client-side-validation-e87e2c775a9c
259 - Zendesk’s Email Fiasco and Rooting Linux with a Lighter
https://dayzerosec.com/podcast/259.html
5k Clickjacking, Encryption Oracles, and Cursor for PoCs (Ep. 90)
https://www.youtube.com/watch?v=S8qzaXhWHyw