Forwarded from Zer0 to her0 (Jonhnathan Jonhnathan Jonhnathan)
A very deep dive into iOS Exploit chains found in the wild
https://googleprojectzero.blogspot.com/2019/08/a-very-deep-dive-into-ios-exploit.html
@FromZer0toHero
https://googleprojectzero.blogspot.com/2019/08/a-very-deep-dive-into-ios-exploit.html
@FromZer0toHero
projectzero.google
A very deep dive into iOS Exploit chains found in the wild
Posted by Ian Beer, Project ZeroProject Zero’s mission is to make 0-day hard. We often work...
Forwarded from canyoupwn.me
Race Condition that could Result to RCE - (A story with an App that temporary stored an uploaded file within 2 seconds before moving it to Amazon S3)
https://medium.com/bugbountywriteup/race-condition-that-could-result-to-rce-a-story-with-an-app-that-temporary-stored-an-uploaded-9a4065368ba3
https://medium.com/bugbountywriteup/race-condition-that-could-result-to-rce-a-story-with-an-app-that-temporary-stored-an-uploaded-9a4065368ba3
Medium
Race Condition that could Result to RCE - (A story with an App that temporary stored an uploaded file within 2 seconds before moving…
بسم الله الرحمن الرحيم
Forwarded from canyoupwn.me
A Simple bypass of Registration Activation that Lead to many Bug -
https://medium.com/bugbountywriteup/a-simple-bypass-of-registration-activation-that-lead-to-many-bug-a-story-about-how-my-friend-5df0889f1062
https://medium.com/bugbountywriteup/a-simple-bypass-of-registration-activation-that-lead-to-many-bug-a-story-about-how-my-friend-5df0889f1062
Forwarded from The Bug Bounty Hunter
DroidCon, SEC-T CTF 2019
https://anee.me/droidcon-sec-t-ctf-2019-d796be91bb3f
https://anee.me/droidcon-sec-t-ctf-2019-d796be91bb3f
Forwarded from Android Security & Malware
MobSF v2.0 released
https://github.com/MobSF/Mobile-Security-Framework-MobSF
https://github.com/MobSF/Mobile-Security-Framework-MobSF
GitHub
GitHub - MobSF/Mobile-Security-Framework-MobSF: Mobile Security Framework (MobSF) is an automated, all-in-one mobile application…
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static a...
Forwarded from Information Security
Windows Hacking/Red teaming resources
https://docs.google.com/document/d/1HYPX0MMn2Qc0TNYRRIaaYU2GIbuTMXHm-JBhRR2vNMU/mobilebasic
https://docs.google.com/document/d/1HYPX0MMn2Qc0TNYRRIaaYU2GIbuTMXHm-JBhRR2vNMU/mobilebasic
Forwarded from Android Security & Malware
Andromeda - Interactive Reverse Engineering Tool for Android apps
https://github.com/secrary/Andromeda
https://github.com/secrary/Andromeda
GitHub
GitHub - secrary/Andromeda: Andromeda - Interactive Reverse Engineering Tool for Android Applications
Andromeda - Interactive Reverse Engineering Tool for Android Applications - secrary/Andromeda
Forwarded from Hacking Resources
research.securitum.com
Write-up of DOMPurify 2.0.0 bypass using mutation XSS - research.securitum.com
Yesterday, a new version of DOMPurify (very popular XSS sanitization library) was released, that fixed a bypass reported by us. In this post I’ll show how exactly the bypass looked like preceded by general information about DOMPurify and how it works. If…
Forwarded from The Bug Bounty Hunter
Huge list of companies with active bug bounties
https://www.hacks.icu/Thread-Huge-list-of-companies-with-active-bug-bounties?pid=2192
https://www.hacks.icu/Thread-Huge-list-of-companies-with-active-bug-bounties?pid=2192
ww16.hacks.icu
hacks.icu - This website is for sale! - hacks Resources and Information.
This website is for sale! hacks.icu is your first and best source for all of the information you’re looking for. From general topics to more of what you would expect to find here, hacks.icu has it all. We hope you find what you are searching for!