# Intro
Since the founding of HackerOne, we have kept a steadfast commitment to disclosing security incidents because we believe that sharing security information far and wide is essential to...

Introduction

Today I will share with you the first vulnerability I found on SerpApi, LLC.

A Linux eBPF rootkit with a backdoor, C2, library injection, execution hijacking, persistence and stealth capabilities.
https://t.co/BYOJgT0eIk
#linux #kernel #eBPF #backdoor #c2

How I hacked Apple and was able to Disclose Apple Users Private Shipping Information and Mobile Numbers.

We discovered vulnerabilities in Horde Webmail that allow an attacker to execute arbitrary code on Horde instances by having a victim open an email

We discovered an interesting code vulnerability that could be used to bypass hardening mechanisms in the popular WordPress CMS.

We recently discovered three interesting code vulnerabilities in NodeBB 1.18.4, allowing attackers to compromise servers. Find out about the details in this article!

Frida handbook, resource to learn the basics of binary instrumentation in desktop systems (Windows, Linux, MacOS) with real-world examples.

FuzzSSH is a free software tool created to detect SSH (protocol) vulnerabilities. - GitHub - epsylon/fuzzssh: FuzzSSH is a free software tool created to detect SSH (protocol) vulnerabilities.

In this video we are going to solve one of the vulnmachines lab zero is cool.
PHP verion 8.1.0 backdoor was released with a backdoor on March 28th 2021, but the #backdoor was quickly discovered and removed. If this version of #php runs on a server, an #attackers…

By exploiting a broken business logic of a web app, it can be possible to retrieve even Google service account credentials integrated through the OAuth flow and compromise all GSuite users by delegating specific permissions in the GSuite domain.

The Bug Hunter’s Methodology Application Hacking v1

Official repository vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty( ͡° ͜ʖ ͡°)... - ...