Do you enjoy bug hunting or not?
Anonymous Poll
62%
Yes, I enjoy it
26%
I have no feelings about it; I only do it for the income
12%
No, I have no interest in it and never do it
https://www.praetorian.com/blog/how-i-found-the-worst-asp-net-vulnerability-a-10k-bug-cve-2025-55315/
⭐️ @RadvanSec
Praetorian
How I Found the Worst ASP.NET Vulnerability — A $10K Bug (CVE-2025-55315)
Introduction Earlier this year, I earned a $10,000 bounty from Microsoft after discovering a critical HTTP request smuggling vulnerability in ASP.NET Core’s Kestrel server (CVE-2025-55315). The vulnerability garnered significant media attention after Microsoft…
RadvanSec
Do you enjoy bug hunting or not?
For those who chose options one and three, things are completely clear, but those of you who are on option 2 should reconsider.
AI_for_AppSec_and_OffSec.pdf
7.5 MB
#AIOps
#Fuzzing
#Offensive_security
"AI for AppSec and Offensive Security: From Automation to Autonomy", BSides Berlin, 2025.
]-> AI-powered workflow automation and AI Agents for AppSec, Fuzzing & Offensive Security
⭐️ @RadvanSec
Honestly, this one was even more satisfying for me than an RCE.
I found a point in the application where user input was passed directly into an LDAP filter without any sanitization. By sending crafted payloads, I confirmed that my input was being injected straight into the LDAP query. Normal values triggered the expected redirect, while malformed payloads broke the filter and produced completely different server responses.
With this behavior, I was able to manipulate the LDAP filter logic and query directory objects that were never meant to be exposed. This wasn’t blind: server responses clearly reflected the injected filter structure.
LDAP is tightly tied to authentication and access control, so any ability to alter its filters can lead to unauthorized data access and serious security impact.
Since the vulnerability is not patched yet, I can’t share further details.
Writeup? Soon…
⭐️ @RadvanSec
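The flaw class described in the post above, user input concatenated into an LDAP search filter, shown beside a hardened builder as an added example (not code from the post or from the affected application). The `uid` attribute, the function names and the sample inputs are constructed assumptions; the escaping follows RFC 4515.

```python
# Added illustration; the "uid" attribute and all inputs are constructed.
# RFC 4515: these characters must appear as \XX inside an assertion value.
_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}


def escape_filter_value(value: str) -> str:
    """Escape input so it can only be a literal assertion value."""
    return "".join(_ESCAPES.get(ch, ch) for ch in value)


def build_filter_unsafe(username: str) -> str:
    # Vulnerable pattern: input is concatenated straight into the filter.
    return "(&(objectClass=person)(uid=" + username + "))"


def build_filter_safe(username: str) -> str:
    # Hardened pattern: metacharacters are escaped before concatenation.
    return "(&(objectClass=person)(uid=" + escape_filter_value(username) + "))"


def filter_shape(ldap_filter: str) -> tuple:
    """Return (balanced, item_count, has_wildcard), ignoring \\XX escapes."""
    depth, items, wildcard, i = 0, 0, False, 0
    while i < len(ldap_filter):
        ch = ldap_filter[i]
        if ch == "\\":
            i += 3  # skip the backslash and its two hex digits
            continue
        if ch == "(":
            depth, items = depth + 1, items + 1
        elif ch == ")":
            depth -= 1
            if depth < 0:
                return (False, items, wildcard)
        elif ch == "*":
            wildcard = True
        i += 1
    return (depth == 0, items, wildcard)


def keeps_intended_shape(builder, username: str) -> bool:
    """True if the built filter has the same structure as for a plain name."""
    return filter_shape(builder(username)) == filter_shape(builder("alice"))


if __name__ == "__main__":
    for sample in ["bob", "b*", "b)(cn=x", "b("]:  # constructed inputs
        print(repr(sample), keeps_intended_shape(build_filter_unsafe, sample),
              keeps_intended_shape(build_filter_safe, sample))
```

`keeps_intended_shape` can serve as a regression test for any filter-building helper: the structure of the filter must not depend on the value supplied.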
🚨 Hackers compromised Samsung devices with a single image. Zero-click! Full device control!
A new cyberattack called LANDFALL (CVE-2025-21042) has been discovered that targets Samsung Galaxy S22, S23, S24 and Z-series devices running Android 13 to 15.
The hackers exploited a zero-day vulnerability that, through a malicious image in WhatsApp, allows remote access without any user interaction!
Samsung fixed this issue in the April 2025 security update, but millions of users may still be at risk if they have not updated.
⭐️ @RadvanSec
CVE-2025-60710
LPE in the \Microsoft\Windows\WindowsAI\Recall\PolicyConfiguration scheduled task.
POC
⭐️ @RadvanSec
Forwarded from GO-TO CVE (| | Sharo K h | |)
Sin0x001
git_secret.go
A tool for downloading files that were previously deleted from a GitHub repo
Forwarded from PentesterLand Academy - Public
This is how a hacker takes advantage of Cloudflare going down
https://www.instagram.com/reel/DRMy7riDYbp/?igsh=MWI1ZmpwdXk3Y256Zw==
Hunting for DOM-based XSS vulnerabilities: A complete guide
https://www.intigriti.com/researchers/blog/hacking-tools/exploiting-dom-based-xss-vulnerabilities
@RadvanSec
Intigriti
Hunting for DOM-based XSS vulnerabilities: A complete guide
Traditional cross-site scripting (XSS) vulnerabilities were prevalent when server-side rendering (with languages like PHP, JSP, and ASP) was the norm. However, as applications become more complex and...