When working with IoT and embedded systems, brute-force password guessing attacks are an effective tool to gain access. Over the years, I’ve learned some tips and tricks to make these attacks…

In this post, you will learn about how I could find the unauthenticated file upload vulnerability in Synology and, according to Synology's highest amount for website security bounty. Start Point to...

Parameter Tampering: Special Characters

Invoke-ZeroLogon allows attackers to impersonate any computer, including the domain controller itself, and execute remote procedure calls on their behalf. - BC-SECURITY/Invoke-ZeroLogon

Applications still utilize weak cryptography generation methodologies which may lead to severe risk. In the world of Application Security, looking for a…

A fast & light web screenshot without headless browser but Chrome DevTools Protocol! - dwisiswant0/go-stare

TL;DR Find out how a use after free vulnerability in PHP allows attackers that are able to run PHP code to escape disable_functions restrictions. Vulnerability Summary PHP’s SplDoublyLinkedList is vulnerable to an UAF since it has been added to PHP’s core…

Testing for XSS via “javascript:” but it’s blocked by a WAF? Try these bypasses. Thanks for the #BugBountyTip, @SecurityMB! #BugBountyTips #HackWithIntigriti

by Worawit Wangwarunyoo , DATAFARM Research Team, Datafarm Company Limited

TL;DR: This is how I was able to exploit a HTTP Request Smuggling in a Mobile Device Management (MDM) servers and send any MDM command to…

GET /admin HTTP/1.1 Host: https://t.co/kc0BFkaTX3 ... Access is denied GET /test HTTP/1.1 Host: https://t.co/kc0BFkaTX3 X-Original-URL: /admin HTTP/1.1 200 OK

How my name was added to humans.txt for scoring my first bug bounty, a severity 2 one at that!

open redirect to a complete account takeover

Burp Extension for easily creating Wordlists. Contribute to GainSec/GoldenNuggets-1 development by creating an account on GitHub.

Understanding “rundll32.exe” command line arguments