hack and bug bounty
@hack_com
A hackers perspective on bug bounty triage
shubs
In the last few days, I have been able to have productive conversations with my peers in the bug bounty community including Patrik who works on the triage team and Luke who leads community efforts from HackerOne. Patrik has helped clear up misconceptions…

A Glossary of Blind SSRF Chains
shubs
You can find this blog post on Assetnote's blog.

Finding Hidden Files and Folders on IIS using BigQuery
shubs
You can find this blog post on Assetnote's blog.

Hacking on Bug Bounties for Four Years
shubs
You can find this blog post on Assetnote's blog.

Expanding the Attack Surface: React Native Android Applications
shubs
You can find this blog post on Assetnote's blog.

Discovering a zero day and getting code execution on Mozilla's AWS Network
shubs
You can find this blog post on Assetnote's blog.

Gaining access to Uber's user data through AMPScript evaluation
shubs
You can find this blog post on Assetnote's blog.

High frequency security bug hunting: 120 days, 120 bugs
shubs
1) Intro & Motivations
At the start of this year, I set myself a personal goal of finding 365 bugs in 365 days.
This was entirely motivated by wanting to challenge myself to find more security issues as I felt I'd been slacking off.
I thought back to…

Using ngrok to proxy internal servers in restrictive environments
shubs
When gaining shell access to a machine on a network, a promising attack vector is to check the internal network for web applications and services that may be accessible from the machine that has been compromised.
Often, internal web applications are found…

Insecure Features in PDFs
Blogspot
In 2019, we published attacks on PDF Signatures and PDF Encryption. During our research and studying the related work, we discovered a lot...

Single Sign-On Security: Security Analysis of real-life OpenID Connect Implementations
Blogspot
This is a guest blogpost by Lauritz Holtmann. He wrote his master's thesis: "Single Sign-On Security: Security Analysis of real-life OpenID C...

Shadow Attacks: Hiding and Replacing Content in Signed PDFs
Blogspot
Last year we presented How to Spoof PDF Signatures. We showed three different attack classes. In cooperation with the CERT-Bund (BSI)...

CVE-2020-2655 JSSE Client Authentication Bypass
Blogspot
During our joint research on DTLS state machines, we discovered a really interesting vulnerability (CVE-2020-2655) in the recent versions...

CTF: FluxFingers4Future - Evil Corp Solution
Blogspot
For this year's hack.lu CTF I felt like creating a challenge. Since I work a lot with TLS it was only natural for me to create a TLS challen...

PDFex: Major Security Flaws in PDF Encryption
Blogspot
After investigating the security of PDF signatures, we had a deeper look at PDF encryption. In cooperation with our friends from Mün...

Testing SAML Endpoints for XML Signature Wrapping Vulnerabilities
Blogspot
A lot can go wrong when validating SAML messages. When auditing SAML endpoints, it's important to look out for vulnerabilities in the sign...

Probing for XML Encryption Weaknesses in SAML with EsPReSSO
Blogspot
Security Assertion Markup Language (SAML) is an XML-based standard commonly used in Web Single Sign-On (SSO) [1]. In SAML, the confidential...

Scanning TLS Server Configurations with Burp Suite
Blogspot
In this post, we present our new Burp Suite extension "TLS-Attacker". Using this extension, penetration testers and security researchers ca...

Why Receipt Notifications increase Security in Signal
Blogspot
This blog post is aimed to express and explain my surprise about Signal being more secure than I thought (due to receipt acknowledgments). ...

Scanning for Padding Oracles
Blogspot
As you might have heard, we recently got our paper on padding oracle attacks accepted to the USENIX Security Conference. In this paper, we ...