unSafe.sh - Unsafe
ASP.NET CORE Path Traversal
A path traversal attack (also known as directory traversal) aims to access files and directories tha...
2021-09-30 00:15:12 | Views: 19
infosecwriteups.com
alaa
bypass
download
microsoft
getfilename
Bounty Hacker Tryhackme Walkthrough
Hello guys and welcome back, Ayush this side, today we’ll talk about one of the tryhackme room “Bou...
2021-09-30 00:15:09 | Views: 34
infosecwriteups.com
machine
sv
nmap
network
3xabyt3
h@cktivitycon 2021 CTF writeup: Reactor Android Challenge
Hey there, HackerOne hosted h@cktivitycon 2021 CTF a few weeks back. I got time to play around with...
2021-09-29 23:44:38 | Views: 40
infosecwriteups.com
reactor
logcat
jaimin
entered
apk
How to write simple script to automate finding bugs
2. URLs Prerequisites. Before we get started, we need to know why we need to use GF/GF-Patterns/Uro?...
2021-9-26 22:0:45 | Views: 0
Stories by Eslam Akl on Medium - infosecwriteups.com
payload
exurl
splitted
uro
library
How I Found a Credential Exposure Bug on BBC.
Hey all, I’m a beginner in bug bounty hunting. Even though my bachelors was in electronics, I got fas...
2021-09-21 13:46:48 | Views: 53
infosecwriteups.com
github
security
credits
bbc
githubdorks
Unlimited report user in Instagram (Facebook) leads to abuse risk.
Hello, it’s Mano Prasanth here. This write-up is about a simple...
2021-09-21 02:07:06 | Views: 32
infosecwriteups.com
facebook
limiting
payload
prasanth
hunt
How did I become a doctor using XSS vulnerability?
Hey guyz, once again I am back with a new writeup!! To all who don't know me: I am Krishnadev P Melev...
2021-09-21 01:07:03 | Views: 34
infosecwriteups.com
doctor
injection
hospital
2021bug
appointment
[Metasploit]Upgrade Normal Shell To Meterpreter Shell
Steps To Upgrade Normal Command Shell ===> Meterpreter Shell. In this case, after the machine is explo...
2021-09-16 19:18:33 | Views: 34
infosecwriteups.com
zstep
typing
shellin
machine
landed
How I found my first AEM related bug.
Hello all the amazing hackers and cyber security enthusiasts. My name is Vedant (Also known as Vegeta...
2021-09-16 19:18:18 | Views: 45
infosecwriteups.com
aem
dispatcher
payload
Exposing Millions of IRCTC Passengers' ticket details.
Hi There, Renganathan Here, I’m an Ethical Hacker & a Security researcher. I’ve been acknowledged by L...
2021-09-16 14:01:08 | Views: 44
infosecwriteups.com
irctc
booked
idor
booking
Bug-Bounty Getting started & some tips
Well hello everyone It’s yasser again (AKA Neroli), I know a lot of people asked me on LinkedIn for h...
2021-09-16 13:59:42 | Views: 78
infosecwriteups.com
github
youtube
security
hashtag
tips
10 golden minutes for taking over a Chess.com account
Hi folks, this is the second write-up about finding bugs on Chess.com. You can find th...
2021-09-16 13:58:06 | Views: 41
infosecwriteups.com
chess
username
scored
burp
expire
Bypass Server Upload Restrictions
User-uploaded files can give hackers a potential entry-point into web apps, making their safe handli...
2021-09-15 00:10:16 | Views: 51
infosecwriteups.com
php
bypass
payload
whitelist
exiftool
Accessing Grofers Grafana Instance Using Shodan
Hello People…. After a long time, there is one interesting bug I have found in Grofers using a simple...
2021-09-15 00:09:55 | Views: 179
infosecwriteups.com
grofers
security
lohigowda
entered
username
Bypassed! and uploaded a sweet reverse shell
Hey, Today I will showcase how I found a file upload vulnerability which I bypassed and popped a rev...
2021-09-05 17:22:10 | Views: 135
infosecwriteups.com
php
reverse
bypass
php5
bypassed
Eye for an eye: Unusual single click JWT token takeover
This story is about an unusual open redirect misconfiguration I found in JetBrains Datalore. Descript...
2021-09-05 10:57:22 | Views: 48
infosecwriteups.com
jetbrains
datalore
2fdatalore
attacker
victim
Web OSINT Tryhackme Walkthrough
Hello guys and welcome back, Ayush this side, today we’ll talk about one of the tryhackme room web...
2021-09-05 03:53:19 | Views: 328
infosecwriteups.com
ans
viewdns
heat
nameserver
What would you do if Oracle’s mailing server sent you this?
Phishing via. HTML Injection! This blog talks about how a case of weak input validation in an Oracle...
2021-09-02 16:08:57 | Views: 52
infosecwriteups.com
phishing
emailid
mailing
noreply
victim
How I made 25000 USD in bug bounties with reverse proxy
A proxy server is a go‑between or intermediary server that forwards requests for content from multip...
2021-09-02 15:28:59 | Views: 42
infosecwriteups.com
proxy
reverse
attacker
network
95content
When automating wayback machine and ffuf is not the answer, or manual analysis ftw
Wayback machine is an awesome resource for a quick recon. It helps in finding sometimes obscure path...
2021-09-02 15:28:53 | Views: 58
infosecwriteups.com
ffuf
machine
wayback
belong
requestand