HackerOne – Telegram

HackerOne

9.8K subscribers

633 photos

30 videos

76 files

2.69K links

Community : @Sec0x01
@Bug0x
Admin : @Offensive

Download Telegram

About

Blog

Apps

Platform

9.8K subscribers

https://github.com/maxchehab/CSS-Keylogging

GitHub - maxchehab/CSS-Keylogging: Chrome extension and Express server that exploits keylogging abilities of CSS.

Chrome extension and Express server that exploits keylogging abilities of CSS. - maxchehab/CSS-Keylogging

1.42K viewsMir Saman Tajbakhsh, 15:57

https://guif.re/

1.21K viewsAmir, edited 21:17

Inside Windows Page Frame Number (PFN) – Part 2
https://rayanfam.com/topics/inside-windows-page-frame-number-part2/

Inside Windows Page Frame Number (PFN) – Part 2

We write about Windows Internals, Hypervisors, Linux, and Networks.

2.26K viewsAwdel, 13:59

FakesApp: A Vulnerability in WhatsApp
https://youtu.be/rtSFaHPA0C4

FakesApp: A Vulnerability in WhatsApp

Check Point Research shows new vulnerabilities in the popular messaging application that could allow threat actors to intercept and manipulate messages sent in both private and group conversations, giving attackers immense power to create and spread misinformation…

1.48K viewsMir Saman Tajbakhsh, 15:11

https://pequalsnp-team.github.io/writeups/analisys_telegram_passport

pequalsnp-team.github.io

Padding Oracle attack against Telegram Passport

1.06K viewsAmir, 12:50

https://github.com/trailofbits/algo

GitHub - trailofbits/algo: Set up a personal VPN in the cloud

Set up a personal VPN in the cloud. Contribute to trailofbits/algo development by creating an account on GitHub.

997 viewsAmir, 13:31

1.12K viewsAmir, 13:36

https://github.com/romanzaikin/BurpExtension-WhatsApp-Decryption-CheckPoint

GitHub - romanzaikin/BurpExtension-WhatsApp-Decryption-CheckPoint: This tool was created during our research at Checkpoint Software…

This tool was created during our research at Checkpoint Software Technologies on Whatsapp Protocol (This repository will be updated after BlackHat 2019) - romanzaikin/BurpExtension-WhatsApp-Decrypt...

1.25K viewsAmir, 13:36

https://github.com/hfiref0x/MpEnum

GitHub - hfiref0x/MpEnum: Enumerate Windows Defender threat families and dump their names according category

Enumerate Windows Defender threat families and dump their names according category - hfiref0x/MpEnum

1.14K viewsxDD, 07:51

https://github.com/xoreaxeaxeax/rosenbridge

GitHub - xoreaxeaxeax/rosenbridge: Hardware backdoors in some x86 CPUs

Hardware backdoors in some x86 CPUs. Contribute to xoreaxeaxeax/rosenbridge development by creating an account on GitHub.

1.35K viewsAmir, 09:51

https://www.bugcrowd.com/university

1.18K viewsxDD, 18:06

https://github.com/SecWiki/windows-kernel-exploits

GitHub - SecWiki/windows-kernel-exploits: windows-kernel-exploits Windows平台提权漏洞集合

windows-kernel-exploits Windows平台提权漏洞集合. Contribute to SecWiki/windows-kernel-exploits development by creating an account on GitHub.

1.43K viewsxDD, 18:06

http://www.blackstormsecurity.com/docs/DEFCON2018.pdf
Ring0/-2 Rootkits Defcon 2018

1.55K viewsxDD, edited 19:12

https://media.defcon.org/DEF%20CON%2026/DEF%20CON%2026%20presentations/

media.defcon.org

All DEF CON video presentations, music, documentaries, pictures, villages, and Capture The Flag data that can be found.

1.36K viewsxDD, 23:53

The most complex exploit of the century 😐
https://www.exploit-db.com/exploits/45186/

2.02K viewsxDD, 09:42

https://2000.shodan.io/#/

2.08K viewsAmir Kiani, 19:48

Archery is an opensource vulnerability assessment and management tool which helps developers and pentesters to perform scans and manage vulnerabilities. Archery uses popular opensource tools to perform comprehensive scanning for web application and network. It also performs web application dynamic authenticated scanning and covers the whole applications by using selenium. The developers can also utilize the tool for implementation of their DevOps CI/CD environment.

https://github.com/archerysec/archerysec

GitHub - archerysec/archerysec: ASOC, ASPM, DevSecOps, Vulnerability Management Using ArcherySec.

ASOC, ASPM, DevSecOps, Vulnerability Management Using ArcherySec. - archerysec/archerysec

1.32K viewsxDD, 07:16

https://portswigger.net/blog/dynamic-analysis-of-javascript

PortSwigger Blog

Dynamic analysis of JavaScript

Burp's current Scanner can report a wide range of DOM-based vulnerabilities using static analysis techniques. Static analysis of JavaScript involves parsing the code to construct an abstract syntax tr

1.05K viewsxDD, 14:28

https://hackerone.com/reports/393615 :)))

Ed disclosed on HackerOne: Physical Laptop Takeover

At 6:16PM of August 11th of 2018, during H1-702, right before the sand storm beat the shit out of the rooftop party, we managed to perform a critical attack on Ed's infrastructure.
{F332214}

##...

1.01K viewsAmir Kiani, 15:08

https://0xpatrik.com/subdomain-takeover-basics/

Subdomain Takeover: Basics

Although I have written multiple [/subdomain-takeover-starbucks/] posts
[/takeover-proofs/] about subdomain takeover, I realized that there aren't many
posts covering basics of subdomain takeover and the whole "problem statement."
This post aims to explain…

1.03K viewsAmir Kiani, 15:16