
HolyBugx
@HolyBugx
RT @PortSwiggerRes: The results are in! We're proud to announce the Top ten web hacking techniques of 2024!
portswigger.net
Welcome to the Top 10 Web Hacking Techniques of 2024, the 18th edition of our annual community-powered effort to identify the most innovative must-read web security research published in the last year
RT @watchtowrcyber: 8 million requests, $400 later - we’re back. 🚀 We have demonstrated supply chain attacks that could have allowed us t…
labs.watchtowr.com
Surprise surprise, we've done it again. We've demonstrated an ability to compromise significantly sensitive networks, including governments, militaries, space agencies, cyber security companies,...
RT @samwcyo: New blog post with @infosec_au: We found a vulnerability in Subaru where an attacker, with just a license plate, could retrie…
samcurry.net
On November 20, 2024, Shubham Shah and I discovered a security vulnerability in Subaru’s STARLINK admin panel that gave us unrestricted access to all vehicles and customer accounts in the United...
RT @d4d89704243: Introducing the Cookie Sandwich, a tasty technique to steal HttpOnly cookies using legacy RFC features:
portswigger.net
In this post, I will introduce the "cookie sandwich" technique which lets you bypass the HttpOnly flag on certain servers. This research follows on from Bypassing WAFs with the phantom $Version cookie
RT @artsploit: Last year, I committed to uncovering critical vulnerabilities in Maven repositories. Now it’s time to share the findings: RC…
RT @hackermondev: Research into a unique 0-click deanonymization exploit targeting Signal, Discord and hundreds of platforms 🧵 https://t.co/…
RT @d4d89704243: Did you know you can use an ancient magic cookie to downgrade parsers and bypass WAFs?! Neither did we. Enjoy! https://t.c…
portswigger.net
HTTP cookies often control critical website features, but their long and convoluted history exposes them to parser discrepancy vulnerabilities. In this post, I'll explore some dangerous, lesser-known
RT @httpvoid0x2f: Check out our latest blog post! We dive into GitHub Enterprise’s SAML implementation and explore an authentication bypass…
projectdiscovery.io
Introduction In light of the recent Ruby-SAML bypass discovered in GitLab, we set out to examine the SAML implementation within GitHub Enterprise. During our research, we identified a significant...
RT @hackermondev: 1 Bug, $50K+ in bounties: how Zendesk left a backdoor in hundreds of companies #bugbountytips
gist.github.com
1 bug, $50,000+ in bounties, how Zendesk intentionally left a backdoor in hundreds of Fortune 500 companies - zendesk.md
RT @albinowax: Love a good client-side exploit chain! This crazy cross-product chain targeting Google by @rebane2001 is a great example of…
lyra.horse
A writeup of my $4133.70 Google Drive vulnerability chain.
RT @watchtowrcyber: In August, watchTowr Labs hijacked parts of the global .mobi TLD - and went on to discover the mayhem that we could cau…
labs.watchtowr.com
Welcome back to another watchTowr Labs blog. Brace yourselves, this is one of our most astounding discoveries. Summary What started out as a bit of fun between colleagues while avoiding the Vegas...
RT @iangcarroll: In April, @samwcyo and I discovered a way to bypass airport security via SQL injection in a database of crewmembers. Unfor…
ian.sh
We discovered a serious vulnerability in the Known Crewmember (KCM) and Cockpit Access Security System (CASS) programs used by the Transportation Security Administration.
RT @orange_8361: Thrilled to release my latest research on Apache HTTP Server, revealing several architectural issues!
RT @garethheyes: Everyone knows that the RFCs for email addresses are crazy. This post will show without doubt that you should not be follo…
portswigger.net
Some websites parse email addresses to extract the domain and infer which organisation the owner belongs to. This pattern makes email-address parser discrepancies critical. Predicting which domain an
RT @albinowax: The whitepaper is live! Listen to the whispers: web timing attacks that actually work. Read it here ->
portswigger.net
Websites are riddled with timing oracles eager to divulge their innermost secrets. It's time we started listening to them. In this paper, I'll unleash novel attack concepts to coax out server secrets
RT @ryotkak: I recently developed and posted about a technique called "First sequence sync", expanding @albinowax's single packet attack.…
flatt.tech
Introduction Hello, I’m RyotaK (@ryotkak ), a security engineer at Flatt Security Inc. In 2023, James Kettle of PortSwigger published an excellent paper titled Smashing the state machine: the true...
RT @orange_8361: PHP just fixed one of my RCE vulnerabilities, which affects XAMPP by default. Check to see if you are affected and update…
RT @H4R3L: New blog! This time a high severity session takeover in Zoom worth $15,000. Read the story of how @sudhanshur705, @BrunoModific…
nokline.github.io
Here you can read all about my research and techniques I’ve gathered over time!
RT @samwcyo: New writeup: "Hacking Millions of Modems (and Investigating Who Hacked My Modem)". Thanks for readin…
samcurry.net
Two years ago, something very strange happened to me while working from my home network. I was exploiting a blind XXE vulnerability that required an external HTTP server to smuggle out files, so I...