Information Security (@sec_nerd_en), 414 subscribers
Information Security News. We are the twin brother of @sec_nerd.
https://twitter.com/xalerafera/status/1278743012659560449
Twitter
If you find a host running the WordPress CMS, then try to see if xmlrpc.php is open.
Then, through the PingBack function, you can get Blind SSRF.
#bugbounty #hackerone #bugbountytip #bugbountytips
http://blog.sevagas.com/IMG/pdf/bypass_windows_defender_attack_surface_reduction.pdf
https://secret.club/2020/07/01/diagtrack.html
secret club
Windows Telemetry service elevation of privilege
Today, we will be looking at the “Connected User Experiences and Telemetry service,” also known as “diagtrack.” This article is quite heavy on NTFS-related terminology, so you’ll need to have a good understanding of it.
https://appgateresearch.blogspot.com/2020/02/bravestarr-fedora-31-netkit-telnetd_28.html
Blogspot
BraveStarr – A Fedora 31 netkit telnetd remote exploit
Ronald Huizer: It's not worth doing something unless you were doing something that someone, somewhere, would much rather you weren't doing...
https://twitter.com/Nep_1337_1998/status/1279610946864820225
https://penthertz.com/blog/mobile-iot-modules-FOTA-backdooring-at-scale.html
Penthertz
Mobile IoT modules vulnerable to FOTA updates backdooring at scale | PentHertz Blog
Wireless and hardware security expertise, Penetration tests, Mobile security, Trainings, Software-Defined Radio Hacking, Vulnerability research
https://swarm.ptsecurity.com/remote-code-execution-in-citrix-adc/
PT SWARM
Remote Code Execution in Citrix ADC
Many of you have probably heard of the CVE-2019-19781 vulnerability that I discovered at the end of last year. It is a critical vulnerability in Citrix ADC that allows unauthorized users to execute arbitrary operating system commands. It caused quite a stir…
https://pulsesecurity.co.nz/articles/postgres-sqli
Pulse Security
SQL Injection and Postgres - An adventure to eventual RCE
This post tells the story of exploiting an SQLi bug with a Postgres back-end DB. Specifically, it details some interesting changes in the file-read and directory-listing primitives in later versions of Postgres, as well as some less-documented techniques for…
https://medium.com/nassec-cybersecurity-writeups/how-i-was-able-to-uniquely-bypass-authentication-while-web-pentesting-cd5d8d6a2837
Medium
How I was able to uniquely bypass authentication while web pentesting?
This article is based on a new finding which I was able to discover while doing pentest for a private company. Since I am not allowed to…
https://googleprojectzero.blogspot.com/2020/07/how-to-unc0ver-0-day-in-4-hours-or-less.html
Blogspot
How to unc0ver a 0-day in 4 hours or less
By Brandon Azad, Project Zero At 3 PM PDT on May 23, 2020, the unc0ver jailbreak was released for iOS 13.5 (the latest signed version a...
https://www.youtube.com/watch?v=3K1-a7dnA60
YouTube
Burp Suite tutorial: IDOR vulnerability automation using Autorize and AutoRepeater (bug bounty)
Have you ever wondered how hackers find and exploit IDOR (Insecure Direct Object Reference)?
In this video STÖK gets schooled by Fisher, who shows him how to set up and hunt for IDORs using Burp Suite and plugins like Autorize and AutoRepeater.
Fisher: https:…
https://github.com/s1egesystems/Silent-ProcessInject0r
https://malwareandstuff.com/deobfuscating-danabots-api-hashing/
Malware and Stuff
Deobfuscating DanaBot’s API Hashing
You probably already guessed it from the title’s name, API Hashing is used to obfuscate a binary in order to hide API names from static analysis tools, hindering a reverse engineer to underst…
https://book.hacktricks.xyz/windows/basic-cmd-for-pentesters
book.hacktricks.xyz
Basic CMD for Pentesters
https://github.com/jacques-andre/crypto-yank
GitHub
GitHub - jacques-andre/crypto-yank: crypto-yank matches and replaces crypto-currency addresses found in the clipboard.
https://pandaonair.com/2020/06/11/race-conditions-exploring-the-possibilities.html
https://www.sevenlayers.com/index.php/146-unable-to-find-accessible-named-pipe
Sevenlayers
Unable to find accessible named pipe!
-- UPDATED AGAIN -- MS17-010 PYTHON EXPLOIT -- UPDATED AT THE BOTTOM OF THE PAGE -- Don't be confused, this is about MS17-010 and the error you'll sometime...
https://medium.com/@kyprizel/why-keep-you-zoo-doors-closed-7c1760d5b2b0
Medium
Why keep you Zoo doors closed
A story of RCE via ZooKeeper and ClickHouse replication protocol (CVE-2019–15024)
https://www.forcepoint.com/blog/x-labs/using-c-post-powershell-attacks
Forcepoint
Using C# for post-PowerShell attacks
C# has received some recent attention in the security community, and the Microsoft.Workflow.Compiler.exe security issue recently identified by Matt Graeber at SpecterOps prompted us to take a closer
https://0x00sec.org/t/breaking-the-d-link-dir3060-firmware-encryption-static-analysis-of-the-decryption-routine-part-2-2/22260