
parrot409
@parrot409
Followers: 1K
Following: 3K
Media: 25
Statuses: 344
RT @kevin_mizu: @albinowax @tincho_508 That's great news! It reminds me of a Gunicorn bug (now patched) I found, where HEAd was treated as…
RT @Sonar_Research: SQL Injection despite using prepared statements? 🧐 Turns out that SQL syntax can be ambiguous! Learn how this has led…
sonarsource.com
Can a simple dash character introduce a security risk? Discover how SQL line comments can open the door to unexpected injection vulnerabilities in several PostgreSQL client libraries!
RT @h0mbre_: i stopped auditing /net/sched because kCTF players have used it to print 0days for years now and I figured “surely they’re run…
RT @hackyboiz: Hackyboiz team has brought some hot news! 🛠️ is back with a fresh upgrade! One of Korea’s most icon…
CVE-2025-3155 writeup. It's about exfiltrating files using the GNOME Help application. It isn't severe as it requires some user interaction, but it's a fun bug.
gist.github.com
CVE-2025-3155. GitHub Gist: instantly share code, notes, and snippets.
RT @Satoooon1024: Posted to Hatena Blog. XS-Leaks using Speculation-Rules - SECCON CTF 13 Author's Writeup ( Tanuki Udon ) - Satoooonの物置 https://t.co/…
satoooon1024.hatenablog.com
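EN This article is the day-two entry for CTF Advent Calendar 2024. Yesterday's article was Koike-san's "How to make CTF challenges". Actually, I haven't read it properly yet (huh?), but there can never be too many articles about challenge authoring. In this article, an explanation of the intended solution to Tanuki Udon, a challenge set at SECCON CTF 13, …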
RT @arkark_: Here is the author solution. Thank you for playing IERAE CTF 2024. My solution uses `hidden="until-fo…
gist.github.com
Author solution: Leak! Leak! Leak! - IERAE CTF 2024 - README.md
RT @ankursundara: Here's my author writeup for htmlsandbox from SekaiCTF - a parsing differential in streamed vs no…
blog.ankursundara.com
HTML parsing differentials are fun!
🥳