En este momento se lleva la sentencia de MalwareTech puedes seguirla en tiempo real en el Twitter de EmptyWheel
Los mejores deseos a Marcus
https://twitter.com/emptywheel/status/1154789624843329536
Los mejores deseos a Marcus
https://twitter.com/emptywheel/status/1154789624843329536
Twitter
emptywheel
In Milwaukee for @MalwareTechBlog sentencing hearing, that begins in 7 minutes. Most of the sentencing materials are sealed, but here's the govt filing. https://t.co/LZdpqGMpbD
Android Pentesting/Bug Hunting 101
-set-up Burp
-bruteforce OTP
-ADB leaks
-IDOR vulnerability
-list of static & dynamic vulnerabilities you should always check
https://link.medium.com/Ohrs3M1eFY
-set-up Burp
-bruteforce OTP
-ADB leaks
-IDOR vulnerability
-list of static & dynamic vulnerabilities you should always check
https://link.medium.com/Ohrs3M1eFY
Medium
Android Pen-testing/Hunting 101
Currently I’m Pen-testing on private projects so if you have any project to test kindly reach me on Twitter @hst_kishan
AWS-IAM-Privilege-Escalation
A centralized source of all AWS IAM privilege escalation methods released by Rhino Security Labs.
https://github.com/RhinoSecurityLabs/AWS-IAM-Privilege-Escalation
A centralized source of all AWS IAM privilege escalation methods released by Rhino Security Labs.
https://github.com/RhinoSecurityLabs/AWS-IAM-Privilege-Escalation
GitHub
GitHub - RhinoSecurityLabs/AWS-IAM-Privilege-Escalation: A centralized source of all AWS IAM privilege escalation methods released…
A centralized source of all AWS IAM privilege escalation methods released by Rhino Security Labs. - RhinoSecurityLabs/AWS-IAM-Privilege-Escalation
Single User DOS by Poisoning Cookie via Get Parameter
https://hackerone.com/reports/416966
https://hackerone.com/reports/416966
HackerOne
Pornhub disclosed on HackerOne: Single User DOS by Poisoning Cookie...
The researcher was able to exploit a cookie poisoning attack against other users, by sending malicious links to the victims, as a result, the victims were no longer be able to access...
Bypassing Cloudflare WAF with the origin server IP address
https://blog.detectify.com/2019/07/31/bypassing-cloudflare-waf-with-the-origin-server-ip-address/
https://blog.detectify.com/2019/07/31/bypassing-cloudflare-waf-with-the-origin-server-ip-address/
Blog Detectify
Bypassing Cloudflare WAF with the origin server IP address
Crowdsource hacker Gwendal shares tutorial on how he bypassed Cloudflare WAF, commonly used by companies, with the origin server IP.
Forwarded from The Bug Bounty Hunter
SQL Injection Extracts Starbucks Enterprise Accounting, Financial, Payroll Database
https://hackerone.com/reports/531051
https://hackerone.com/reports/531051
HackerOne
Starbucks disclosed on HackerOne: SQL Injection Extracts Starbucks...
As described in the Hacker Summary, @spaceraccoon discovered a SQL Injection vulnerability in a web service backed by Microsoft Dynamics AX. @spaceraccoon demonstrated that the flaw was exploitable...