Forwarded from Android Security & Malware
Facebook Messenger for Android indirect thread deletion vulnerability
https://servicenger.com/blog/mobile/android/facebook-messenger-for-android-indirect-thread-deletion/
Forwarded from The Bug Bounty Hunter
Internal Gitlab Ticket Disclosure via External Slack Channels
https://hackerone.com/reports/1273292
Forwarded from The Bug Bounty Hunter
Intigriti’s PHP challenge breakdown https://securitygoat.medium.com/intigritis-php-challenge-breakdown-178f5d003986
Forwarded from The Bug Bounty Hunter
Built from the ground up in Rust, Caido aims to help security professionals and enthusiasts audit web applications with efficiency and ease
https://caido.io/
Caido
Caido aims to help security professionals and enthusiasts audit web applications with efficiency and ease.
Forwarded from The Bug Bounty Hunter
What is BOLA? 3-digit bounty from Topcoder ($$$)
https://infosecwriteups.com/what-is-bola-3-digit-bounty-from-topcoder-a25e7fae0d64
Medium
What is BOLA? 3-digit bounty from Topcoder ($$$)
This write-up will be about Broken Object Level Authorization (BOLA), which is the #1 topic of API Security 101 (OWASP).
Forwarded from The Bug Bounty Hunter
Insecure Bundler configuration fetching internal Gems (okra) from Rubygems.org
https://hackerone.com/reports/1104874
HackerOne
Basecamp disclosed on HackerOne: Insecure Bundler configuration...
I found an internal gem (Ruby library) in use by Basecamp that was not registered on Rubygems (the public Ruby package repository). I registered a gem of my own under the name that would call back...
Forwarded from The Bug Bounty Hunter
OTP bypass and Account takeover using response manipulation
https://infosecwriteups.com/otp-bypass-and-account-takeover-using-response-manipulation-685ad4e1ea76
Medium
OTP bypass and Account takeover using response manipulation
Who is Krishnadev P Melevila?
Forwarded from The Bug Bounty Hunter
Setup Your Private Burp Collaborator for SSRF/XXE
https://sicks3c.medium.com/setup-your-private-burp-collaborator-for-ssrf-xxe-fd6cf01c8ca
Medium
Setup Your Private Burp Collaborator for SSRF/XXE
Burp-suite Collaborator
Forwarded from The Bug Bounty Hunter
Fuzzing + IDOR = Admin TakeOver
https://medium.com/@gonzalocarrascosec/fuzzing-idor-admin-takeover-5343bb8f436e
Medium
Fuzzing + IDOR = Admin TakeOver
Hello everyone, this is my first post. I’ve been thinking about writing about my findings for a while, so here we go.
Forwarded from The Bug Bounty Hunter
A collection of tiny #XSS Payloads that can be used in different contexts.
https://tinyxss.terjanq.me
Via: https://twitter.com/ffranz/status/1425432025004191749
tinyxss.terjanq.me
Tiny XSS Payloads
A collection of small XSS payloads
Forwarded from The Bug Bounty Hunter
Modify in-flight data to payment provider Smart2Pay
https://hackerone.com/reports/1295844
HackerOne
Valve disclosed on HackerOne: Modify in-flight data to payment...
I have found a vulnerability which allows an attacker to generate Steam wallet balance.
Firstly you will have to change your Steam account email to something like (I will explain why in the next steps,...
Forwarded from The Bug Bounty Hunter
Chain of vulnerabilities in Uber for Business Vouchers program allows for attacker to perform arbitrary charges to victim's U4B payment account
https://hackerone.com/reports/1145428
HackerOne
Uber disclosed on HackerOne: Chain of vulnerabilities in Uber for...
We have determined that through a chain of 3 vulnerabilities, it is possible for any U4B user to apply credit card charges or holds to any business using the Vouchers site. These charges originate...
Forwarded from The Bug Bounty Hunter
Holy FFUF! — A Beginner Guide to Fuzz with FFUF
https://mikekitckchan.medium.com/holy-ffuf-a-beginner-guide-to-fuzz-with-ffuf-4bc6a66b5391
Medium
Holy FFUF! — A Beginner Guide to Fuzz with FFUF
If you are a bug bounty hunter or security researcher, you must be familiar with a technique called Fuzzing. In case you just newly…
A modified version of the WhatsApp messaging app for Android has been trojanized to serve malicious payloads, display full-screen ads, and sign up device owners for unwanted premium subscriptions without their knowledge.
Read: https://thehackernews.com/2021/08/modified-version-of-whatsapp-for.html
Via @thehackernews
Forwarded from DIRECTOR
Raz0r.name — Web Application Security
Using CodeQL to detect client-side vulnerabilities in web applications | Raz0r — Web3 Security
GitHub’s CodeQL is a robust query language originally developed by Semmle that allows you to look for vulnerabilities in the source code. CodeQL is known as a tool to inspect open source repositories, however its usage is not limited just to it. In this article…