NEW BOT Телеграм, страница - 397930840

HackerOne

11.1K subscribers

644 photos

31 videos

79 files

2.74K links

Community : @Sec0x01
@Bug0x

Download Telegram

About

Blog

Apps

Platform

11.1K subscribers

Critical : Malware and XSS file can be uploaded and executed on udemy

https://hackerone.com/reports/172694

Udemy disclosed on HackerOne: Critical : Malware and XSS file can...

The investigator found that he can upload any file type to our upload bucket. That is intended behavior - file content is enforced before moving it out of our upload bucket.

352 views13:52

http://blog.darabi.me/2015/04/bypass-facebook-csrf.html

How I bypassed Facebook CSRF Protection

379 views13:52

287 views20:03

Reflected XSS on a Navy website

https://hackerone.com/reports/183878

U.S. Dept Of Defense disclosed on HackerOne: Reflected XSS on a...

A U.S. Navy website was vulnerable to a reflected cross-site noscripting attack which may be used to trick a web user into executing a malicious noscript, potentially revealing a user's browser cookies...

332 views21:06

Attacking UEFI Runtime Services and Linux
http://blog.frizk.net/2017/01/attacking-uefi-and-linux.html

Attacking UEFI Runtime Services and Linux

Attackers with physical access are able to attack the firmware on many fully patched computers with DMA - Direct Memory Access. Once code ex...

310 views08:48

https://heimdalsecurity.com/blog/security-alert-the-shadow-brokers-windows-hacking-tools/

Heimdal Security Blog

Security Alert: The Shadow Brokers Retire, Leave Free Hacking Tools Behind

Threat actor The Shadow Group is selling a big batch of Windows hacking tools for 750 Bitcoins. This is what the database includes:

338 views08:48

https://hackerone.com/reports/197878

Nextcloud disclosed on HackerOne: WordPress <= 4.6.1 Stored XSS Via...

Hello __Team__,

__Denoscription__:-
>Vulnerable code is located at /wp-admin/includes/class-theme-installer-skin.php

__POC__:-
https://nextcloud.com/readme.html

{F151887}

__FIX__:-
Upgrade...

391 views08:59

https://thehackernews.com/2017/01/mobile-hacking-cellebrite.html

453 views09:02

ایران کجاست؟

جاییه که ماست سون از ویندوز سون گرون تره

437 views20:05

348 views20:16

ketabesabz.com/dl/20366

321 views14:09

353 views19:37

Oops!
FaceBook Remote Code Excution
http://4lemon.ru/2017-01-17_facebook_imagetragick_remote_code_execution.html

434 views06:29

@PentesterSchool
PentesterSchool.ir
Best School For Pentester

367 viewsedited 14:26

430 viewsedited 18:44

http://pwn3r.tistory.com/

323 views08:45

262 views07:31

If You Can't Find Vulnerability In php noscript, Dont Worry!
PHP Support All Vulnerabilities!

440 viewsedited 11:56

http://youtube.com/watch?v=GlY_I2ZnNt8

Facebook Vulnerability - Deleting Any Video on Facebook

Back in June of last year I discovered a critical vulnerability that allows me to remotely delete any video on Facebook. In addition, I also had the ability ...

261 views19:46

http://danmelamed.blogspot.in/2017/01/facebook-vulnerability-delete-any-video.html

danmelamed.blogspot.co.uk

Facebook Vulnerability - Delete Any Video on Facebook

Back in June of last year I discovered a critical vulnerability that allows me to remotely delete any video on Facebook. In addition, I also...

274 views19:49

Microsoft Remote Desktop Client for Mac Remote Code Execution
Video Demo: https://www.youtube.com/watch?v=6HeSiXYRpNY
Advisory: https://goo.gl/wmk9Dy
From RDP to RCE :)

Microsoft Remote Desktop Client for Mac Remote Code Execution

A vulnerability exists in Microsoft Remote Desktop for Mac that allows a remote attacker to execute arbitrary code on the target machine. User interaction is...

463 views06:56