HackerOne
@HackerOne
11K subscribers, 644 photos, 31 videos, 79 files, 2.74K links
Community: @Sec0x01 @Bug0x
https://github.com/christophetd/CloudFlair
GitHub
GitHub - christophetd/CloudFlair: 🔎 Find origin servers of websites behind CloudFlare by using Internet-wide scan data from Censys.
https://generaleg0x01.com/2019/03/10/escalating-ssrf-to-rce/
https://medium.com/@armaanpathan/brute-forcing-user-ids-via-csrf-to-delete-all-users-with-csrf-attack-216ccd4d832c
Medium
Brute Forcing User IDS via CSRF To Delete all Users with CSRF attack.
While testing an application, there was a module “Delete User” in which an admin can delete any user.
https://hackerone.com/reports/470520
HackerOne
Valve disclosed on HackerOne: RCE on Steam Client via buffer...
## Introduction
In Steam and other Valve games (CSGO, Half-Life, TF2) there is a functionality to find game servers called the server browser. In order to retrieve the information about these...
embedded-linux-primer-a-practical-real-world-appro.pdf
10.6 MB
Embedded Linux Primer: A Practical Real-World Approach, 2nd Edition
https://hackaday.com/2017/02/20/33c3-dissecting-3g4g-phone-modems/
Hackaday
33C3: Dissecting 3G/4G Phone Modems
[LaForge] and [Holger] have been hacking around on cell phones for quite a while now, and this led to them working on the open cellphone at OpenMoko and developing the OsmocomBB GSM SDR software. N…
SecHub.io - Educational Platform for Web Sec
https://amp.cnn.com/cnn/2019/03/21/tech/facebook-password-database/index.html?__twitter_impression=true
#good_news
CNN
Facebook staff had access to hundreds of millions of people's passwords
Facebook is back with another mea culpa.
#Fake_Buyer
Group: https://news.1rj.ru/str/joinchat/EnMw_kGyaHh7_2UbzgtEdg
Telegram
Security Researchers
@HackerOne
Don't Spam
English Only
https://www.thezdi.com/blog/2019/3/13/cve-2019-0604-details-of-a-microsoft-sharepoint-rce-vulnerability
Zero Day Initiative
Zero Day Initiative — CVE-2019-0604: Details of a Microsoft SharePoint RCE Vulnerability
Last month, Microsoft released patches to address two remote code execution (RCE) vulnerabilities in SharePoint. In both Critical-rated cases, an attacker could send a specially crafted request to execute their code in the context of the SharePoint application…
https://dantheiotman.com/2017/09/15/p4wnp1-the-pi-zero-based-usb-attack-platform
Dan The IOT Man
P4wnP1 – The Pi Zero based USB attack Platform
The P4wnP1 is an exciting and feature rich USB attack platform that runs on a Raspberry Pi Zero. The P4wnP1 turns your Pi Zero/Zero W into a physical security Ethical Hacking pentest tool. In this …
https://blog.scrt.ch/2018/08/24/remote-code-execution-on-a-facebook-server/
https://medium.com/@princechaddha/an-unusal-bug-on-braintree-paypal-b8d3ec662414
Medium
An Unusal Bug 🐛 on Braintree [PayPal]
This is my first post about one of my findings on the PayPal Bug Bounty program.
https://blog.redforce.io/sql-injection-in-insert-update-query-without-comma/
Redforce
Comma is forbidden! No worries!! Inject in insert/update queries without it
A writeup regarding exploiting an SQL injection issue in an insert query while it wasn't possible to use a comma in my payload at all.