Bringing NFC contactless payment to CASIO F-91W watch
https://medium.com/@matteo.pisani.91/how-i-hacked-casio-f-91w-digital-watch-892bd519bd15
https://medium.com/@matteo.pisani.91/how-i-hacked-casio-f-91w-digital-watch-892bd519bd15
Medium
How I hacked CASIO F-91W digital watch
Bringing NFC contactless payment capability to a true classic.
π1
ntroduction to Kali NetHunter Hacker series: Which NetHunter fits you best?
https://www.mobile-hacker.com/2023/07/04/introduction-of-kali-nethunter-hacker-series-and-which-nethunter-fits-you-best/
https://www.mobile-hacker.com/2023/07/04/introduction-of-kali-nethunter-hacker-series-and-which-nethunter-fits-you-best/
π1
CrimeFlare is a useful tool for bypassing websites protected by CloudFlare WAF, with this tool you can easily see the real IP of websites that have been protected by CloudFlare.
https://github.com/zidansec/CloudPeler
#bugbounty
#bug_bounty
https://github.com/zidansec/CloudPeler
#bugbounty
#bug_bounty
GitHub
GitHub - zidansec/CloudPeler: CrimeFlare is a useful tool for bypassing websites protected by CloudFlare WAF, with this tool youβ¦
CrimeFlare is a useful tool for bypassing websites protected by CloudFlare WAF, with this tool you can easily see the real IP of websites that have been protected by CloudFlare. The resulting infor...
π2π₯2
β β β β β‘ HTTPX: Use the -screenshot (-ss) option to capture screenshots of specific URLs, pages, or endpoints, including the rendered DOM!
https://github.com/projectdiscovery/httpx
https://github.com/projectdiscovery/httpx
GitHub
GitHub - projectdiscovery/httpx: httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttpβ¦
httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library. - projectdiscovery/httpx
π3π₯1
Damn Exploitable Android App - Abusing Info Leaks to bypass ASLR.
https://www.mobilehackinglab.com/blog/damn-exploitable-android-app-abusing-info-leaks-to-bypass-aslr
https://www.mobilehackinglab.com/blog/damn-exploitable-android-app-abusing-info-leaks-to-bypass-aslr
Mobilehackinglab
Damn Exploitable Android App - Abusing Info Leaks to bypass ASLR
Dive into our latest blog to learn a clever technique for exploiting format string vulnerabilities to bypass ASLR, revealing key memory addresses and targeting the Damn Exploitable Android App.
π₯3π2
ATO | How I exploited security issue to take over admin account.
https://ar1fshaikh.medium.com/1st-ato-how-i-exploited-security-issue-to-take-over-admin-account-e0ae309dc356
https://ar1fshaikh.medium.com/1st-ato-how-i-exploited-security-issue-to-take-over-admin-account-e0ae309dc356
Medium
ATO | How I exploited security issue to take over admin account
Few days ago I came across one bug bounty program of an booking website lets call https://redacted.com, it was interesting website withβ¦
Making the Cloudflare WARP VPN leak DNS requests.
https://www.mathyvanhoef.com/2023/08/making-cloudflare-warp-vpn-leak-dns.html
https://www.mathyvanhoef.com/2023/08/making-cloudflare-warp-vpn-leak-dns.html
Mathyvanhoef
Making the Cloudflare WARP VPN leak DNS requests
Cloudflare offers a free VPN client called Cloudflare WARP . I found that its Windows client can be tricked into leaking all DNS requests . ...
π2
2023 OWASP Top-10 Series: API6:2023 Unrestricted Access to Sensitive Business Flows.
https://lab.wallarm.com/api62023-unrestricted-access-to-sensitive-business-flows/
https://lab.wallarm.com/api62023-unrestricted-access-to-sensitive-business-flows/
Wallarm
API6:2023 Unrestricted Access to Sensitive Business Flows - OWASP
APIs that expose sensitive business flows without proper authorization can be exploited by attackers to cause significant damage.
π1