unSafe.sh - Unsafe
Zeroday on Github Copilot
by Marlon Fabiano (Astrounder). English: Zeroday on Github Copilot. Astrounder identified and reported...
2024-7-27 12:1:1 | Views: 1 | GC Cybermonks - gccybermonks.com
copilot
github
em
segurança
OWASP DefectDojo (CVE-2023-48171)
by Felipe Novais (crwl3y). OWASP DefectDojo (CVE-2023-48171). Introduction. Have you ever imagined a cy...
2024-3-11 19:1:1 | Views: 1 | GC Cybermonks - gccybermonks.com
defectdojo
superuser
client
security
malicious
Better PDF Exporter (Jira Plugin) [CVE 2023-42361]
by Rodrigo Gava. LFI (Local File Inclusion) Issue found in Jira Server and Data Center “Better PDF Ex...
2023-10-23 12:1:1 | Views: 2 | GC Cybermonks - gccybermonks.com
jira
exporter
inclusion
network
ssrf
Another vision for SSRF
by @phor3nsic_br. Summary: For a long time, I tested SSRF failures to search for services and ports f...
2022-6-7 02:4:57 | Views: 3 | GC Cybermonks - gccybermonks.com
ssrf
attacker
subdomain
client
victim
SSRF Geoserver (CVE-2021-40822)
by @phor3nsic_br. This article shows how it is possible to obtain a complete Server-side request for...
2022-5-18 02:4:57 | Views: 6 | GC Cybermonks - gccybermonks.com
geoserver
ssrf
8090
repository
testservlet
Bypass Crowd Strike Falcon to Dump Windows Hashes
by Samuel Pires (sunw4r). Recently on a Red Team Assessment, after achieving access on the internal n...
2022-3-17 19:2:1 | Views: 1 | GC Cybermonks - gccybermonks.com
crowd
Prototype Pollution in plist v3.0.4 and simple-plist (CVE-2022-22912)
by Guilherme Keerok. Plist is a NodeJS package to read plist files. Plist files are most commonly use...
2022-3-17 19:1:1 | Views: 9 | GC Cybermonks - gccybermonks.com
polluted
dtds
github
Bypassing Windows API hooking with syscalls
by Marcelo Benesciutti. Recently I started to do some research on AV/EDR bypass and Windows interna...
2021-10-15 19:1:1 | Views: 1 | GC Cybermonks - gccybermonks.com
windows
malicious
openprocess
defender
mXSS in support.mozilla.org
by Guilherme Keerok. This is another bug that was discovered during @duphouse, and was the result of...
2021-9-22 19:1:1 | Views: 1 | GC Cybermonks - gccybermonks.com
mozilla
kitsune
noscript
sumo
rendered
Three Microsoft Store vulnerabilities
Author: Marlon Fabiano. Description of the 3 vulnerabilities: “Generating invoices in the Microsoft S...
2021-6-24 19:54:47 | Views: 4 | GC Cybermonks - gccybermonks.com
microsoft
invoices
revoked
paying
scammer
Microsoft Store free purchase vulnerabilities
Author: Marlon Fabiano. First bypass - Free Vulnerability Purchases. Microsoft has an extensive BugBou...
2021-6-24 18:54:47 | Views: 4 | GC Cybermonks - gccybermonks.com
microsoft
retail
msft
sandboxes
purchases
Pop-Ups in a good-world
by Guilherme Keerok. This research was fun to do and I believe it addresses some cool and theoretic...
2021-6-4 19:1:1 | Views: 7 | GC Cybermonks - gccybermonks.com
clipboard
popups
ondrag
bypass
victim
Object Injection to SQL Injection
by Walleson Moura (@phor3nsic_br). NodeJS + Sqlstring. In this section, we will explain a curious cas...
2021-5-27 03:54:47 | Views: 0 | GC Cybermonks - gccybermonks.com
injection
sqlstring
escapeid
library
A short story about an XSS in chat.mozilla.org (CVE-2021-21320)
by Guilherme Keerok. In the last month, some friends and I have founded @duph0use, a house where we s...
2021-3-20 05:1:1 | Views: 0 | GC Cybermonks - gccybermonks.com
usercontent
github
postmessage
mozilla
download