My first post will be about iOS Hacking, a topic I’m currently working on, so this will be a kind of gathering of all information I have found in my research. It must be noted that I won’t be using any MacOS tools, since the computer used for this task will…

$whoami:

Using a still unpatched vulnerability in the PHP library dompdf (used for rendering PDFs from HTML), we achieved RCE on a web server with merely a reflected XSS vulnerability as entry point.

Providing security research and red team techniques

Bug Bytes is a weekly newsletter curated by members of the bug bounty community. The first series is curated by Mariem, better known as PentesterLand. Every week, she keeps us up to date with a comp...

Hello everyone, I hope by the grace of God everyone who is reading this blog post is doing well and their families during this pandemic…

Welcome to our new series called Bug Bounty Redacted! In this series we will be going through reports we have submitted to bug bounty programs over the last five years.

This video series will progress in difficulty, with each episode covering some reports…

🎩 🤟🏻 [P1-$10,000] Google Chrome, Microsoft Edge and Opera - vulnerability reported by Maciej Pulikowski - System environment variables leak - CVE-2022-0337 - Puliczek/CVE-2022-0337-PoC-Google-Chrom...

Over the years, large-scale scanning of the internet has enabled the security community to identify widespread vulnerabilities and mitigate them before they can be exploited.

### Summary

The bulk imports api does not remove symlinks when untaring the uploads.tar.gz file, allowing arbitrary files to be read and uploaded when importing a group.

When a group has uploads...

A high risk vulnerability was disclosed to Ondo Finance by iosiro affecting the Tranche Token smart contract and surrounding contracts and awarded with a $25,000 bounty.

Bug Bytes is a weekly newsletter curated by members of the bug bounty community. The first series is curated by Mariem, better known as PentesterLand. Every week, she keeps us up to date with a comp...

Bug exploited inconsistencies between intermediary and backend servers

Facebook uses a contracting company in Someplace called Something to test new and upcoming features across the Facebook family. This company uses real Facebook and Instagram profiles to test in public. A certain trivially found “flag” allows one to identify…

# Pre-requisities

Prior to exploitation you would be required to know the "account id" of the user that you are attacking. Whilst this makes it difficult to attack an application in a generic way...

ZKar is a Java serialization protocol analysis tool implement in Go. - phith0n/zkar

Advanced Reconnaissance and Web Application Discovery RoadMap to Find Massive Vulnerabilities.

This vulnerability is similar to my previous reported vulnerability #1362313 , in here also weakness is path transversal vulnerability which helps me to acheive code execution but the root cause...