Gaining Access To GCP Of Google Stadia
https://medium.com/@sebastien.kaul/gaining-access-to-gcp-of-google-stadia-500-bounty-22f76ecc8e60
https://medium.com/@sebastien.kaul/gaining-access-to-gcp-of-google-stadia-500-bounty-22f76ecc8e60
Medium
Gaining Access To GCP Of Google Stadia — 500$ Bounty
Learning machine authentication, finding a needle and gaining access to the Google Cloud project of Google Stadia.
Chaining Open Redirect with XSS to Account Takeover
https://radianid.medium.com/chaining-open-redirect-with-xss-to-account-takeover-36acf218a6d5
https://radianid.medium.com/chaining-open-redirect-with-xss-to-account-takeover-36acf218a6d5
Medium
Chaining Open Redirect with XSS to Account Takeover
Hello everyone, I hope you are well. In this article I will show you how I escalated XSS to Account Takeover. Since the target is private…
Facebook Vulnerability: Expose Group Member — $3000
https://medium.com/@muhammadsholikhin/facebook-vulnerability-expose-group-member-3000-cca809a53f6b
https://medium.com/@muhammadsholikhin/facebook-vulnerability-expose-group-member-3000-cca809a53f6b
Medium
Facebook Vulnerability: Expose Group Member — $3000
The issue is Insecure Direct Object with impact malicious user can expose or determine member on closed group. But the issue have limits…
How I Lost the SecurityTrails #ReconMaster Contest, and How You Can Win: Edge-Case Recon Ideas
https://securitytrails.com/blog/how-i-lost-the-securitytrails-reconmaster-contest
https://securitytrails.com/blog/how-i-lost-the-securitytrails-reconmaster-contest
Securitytrails
SecurityTrails | How I lost the SecurityTrails #ReconMaster contest, and how you can win: Edge-case recon ideas
'A while back, SecurityTrails announced that they would be running a contest dubbed 'Recon Master'. The aim of the game is to find hostnames that resolve to an IPv4 address that are not already found by SecurityTrails'
Forwarded from Android Security & Malware
XXE in Public Transport Ticketing Mobile APP
https://blog.niksthehacker.com/xxe-in-public-transport-ticketing-mobile-app-81ae245c01a1
https://blog.niksthehacker.com/xxe-in-public-transport-ticketing-mobile-app-81ae245c01a1
Medium
XXE in Public Transport Ticketing Mobile APP
This finding was an another private bug bounty program. The scope of the target was a ticketing android app (Prod). This app was a major…
Bug Bounty Stories #1: Tale of CSP bypass in an electron app!
https://securitygoat.medium.com/bug-bounty-stories-1-tale-of-csp-bypass-in-an-electron-app-f669f6ecefc9
https://securitygoat.medium.com/bug-bounty-stories-1-tale-of-csp-bypass-in-an-electron-app-f669f6ecefc9
Medium
Bug Bounty Stories #1: Tale of CSP bypass in an electron app!
Talking of a bug I found a long time back which led to the bypassing of CSP in an electron app :)
CSRF on /api/graphql allows executing mutations through GET requests
https://hackerone.com/reports/1122408
https://hackerone.com/reports/1122408
HackerOne
GitLab disclosed on HackerOne: CSRF on /api/graphql allows...
Mutations are `edit` or `create` queries used in Graphql. Gitlab prevents CSRF in this functionality by sending a POST request with a X-CSRF-Token header. The bug I found here was that, when we...
how to boost your popularity on okcupid using CSRF and a JSON type confusion
https://blog.azuki.vip/csrf/
https://blog.azuki.vip/csrf/
Webpack Exploder
Unpack the source code of React and other Webpacked Javascript apps! Check out Expanding the Attack Surface: React Native Android Applications to learn how to turbocharge your React hacking.
https://spaceraccoon.github.io/webpack-exploder/
Unpack the source code of React and other Webpacked Javascript apps! Check out Expanding the Attack Surface: React Native Android Applications to learn how to turbocharge your React hacking.
https://spaceraccoon.github.io/webpack-exploder/
spaceraccoon.github.io
Webpack Exploder
Unpack the source code of React and other Webpacked Javascript apps!
Security researcher finds dangerous bug in Chromium, nabs $15,000 bounty
https://portswigger.net/daily-swig/security-researcher-finds-dangerous-bug-in-chromium-nabs-15-000-bounty
https://portswigger.net/daily-swig/security-researcher-finds-dangerous-bug-in-chromium-nabs-15-000-bounty
The Daily Swig | Cybersecurity news and views
Security researcher finds dangerous bug in Chromium, nabs $15,000 bounty
Site isolation security break uncovered
$50k bug bounty on Shopify explained (GitHub access token leaked via electron application)
https://youtu.be/xOoWHKOphK0
https://youtu.be/xOoWHKOphK0
YouTube
$50k bug bounty on Shopify explained (GitHub access token leaked via electron application)
In this video we walk through how a security researcher named Augusto Zanellato was able to discover a GitHub Personal Access Token (PAT) that had read/write access to private Shopify repositories, and earned them a $50,000USD bounty!
You can read the report…
You can read the report…
👍1
Forwarded from Android Security & Malware
Facebook Messenger for Android indirect thread deletion vulnerability
https://servicenger.com/blog/mobile/android/facebook-messenger-for-android-indirect-thread-deletion/
https://servicenger.com/blog/mobile/android/facebook-messenger-for-android-indirect-thread-deletion/
Internal Gitlab Ticket Disclosure via External Slack Channels
https://hackerone.com/reports/1273292
https://hackerone.com/reports/1273292