Finding Broken Access Controls
https://threat.tevora.com/finding-broken-access-controls/amp/
#IDOR
#BurpSuite
#BugBountyTip
@web_priv8
Threat Blog
Finding Broken Access Controls
This blog post is intended to be a guide on effective and efficient methods of identifying broken access control. This is not an end-all-be-all guide and explanation of broken access controls. What Are Access Controls? Access controls are policies put in place…
IDOR vulnerability automation using Autorize and AutoRepeater
https://www.youtube.com/watch?v=3K1-a7dnA60
#IDOR
#BurpSuite
#BugBountyTip
@web_priv8
YouTube
Burp Suite tutorial: IDOR vulnerability automation using Autorize and AutoRepeater (bug bounty)
Have you ever wondered how hackers find and exploit IDOR (Insecure Direct Object Reference)?
In this video STÖK gets schooled by Fisher, who shows him how to set up and hunt for IDORs using Burp Suite and plugins like Autorize and AutoRepeater.
Fisher:
https:…
When pentesting an organization's internal networks, our access to the internet may be restricted. Sometimes we can send data out over DNS; this can also be useful for web vulnerabilities such as Blind Command Injection.
https://www.go350.com/posts/exfiltrate-files-using-the-dns/
#DNS
#Blind
#RedTeam
@web_priv8
Go350
Exfiltrate files using the DNS
yes you can
https://medium.com/@syedabuthahir/django-debug-mode-to-rce-in-microsoft-acquisition-189d27d08971
#RCE
#Redis
#Django
@web_priv8
Medium
Django debug mode to RCE in Microsoft acquisition
As usual I was doing recon using Censys (https://censys.io/) and Shodan (https://www.shodan.io/). I was looking for Django debug mode…
File Upload Attacks(Part1)
https://blog.yeswehack.com/yeswerhackers/exploitation/file-upload-attacks-part-1/
#Upload
@web_priv8
Turning a Blind SSRF into RCE using the Gopher protocol and the Redis service, ending in a 15 thousand dollar bounty
https://sirleeroyjenkins.medium.com/just-gopher-it-escalating-a-blind-ssrf-to-rce-for-15k-f5329a974530
#RCE
#SSRF
#Blind
#BugBounty
@web_priv8
Medium
Just Gopher It: Escalating a Blind SSRF to RCE for $15k — Yahoo Mail
Part 1: Recon
How Github recon help me to find NINE FULL SSRF Vulnerability with AWS metadata access
https://notifybugme.medium.com/how-github-recon-help-me-to-find-nine-full-ssrf-vulnerability-with-aws-metadata-access-531d931413a5
#SSRF
#Recon
#Github
#BugBounty
@web_priv8
Medium
How Github recon help me to find NINE FULL SSRF Vulnerability with AWS metadata access
Hi, everyone
Backdoor of All Flickr API Calls by XSSI
https://ngailong.wordpress.com/2017/08/11/open-door-to-all-flickr-api-calls-by-xssi/
#XSSI
#JSONP
#BugBounty
@web_priv8
Ron Chan
Backdoor of All Flickr API Calls by XSSI
After reporting the Flickr ATO fix bypass, I left Flickr for a few days and go hunt after Uber. I keep changing the target from time to time when I get bored of the target. When I get back to Flick…
Effortlessly finding Cross Site Script Inclusion (XSSI) & JSONP for bug bounty
https://infosecwriteups.com/effortlessly-finding-cross-site-script-inclusion-xssi-jsonp-for-bug-bounty-38ae0b9e5c8a
#XSSI
#JSONP
#BugBounty
#BugBountyTip
@web_priv8
Full Local File Read via Error Based XXE using XLIFF File
https://pwn.vg/articles/2021-06/local-file-read-via-error-based-xxe
#XXE
@web_priv8
How Gopher works in escalating SSRFs
https://infosecwriteups.com/how-gopher-works-in-escalating-ssrfs-ce6e5459b630
#SSRF
@web_priv8
If input is not controlled at the API Gateway / BFF in front of the microservices and a hacker can bypass it, you end up with a story like the Starbucks one.
https://samcurry.net/hacking-starbucks/
#BugBounty
#DirTraversal
#Microservices
@web_priv8
IDOR: Attack vectors, exploitation, bypasses and chains
https://www.notion.so/IDOR-Attack-vectors-exploitation-bypasses-and-chains-0b73eb18e9b640ce8c337af83f397a6b
#IDOR
#Bypass
#BugBountyTip
@web_priv8
rural-tune-378 on Notion
IDOR: Attack vectors, exploitation, bypasses and chains | Notion
API12019: Testing for IDOR/Broken object level authorization:
Hidden parameters discovery suite
Command-line version: https://github.com/Sh1Yo/x8
Burp extension version: https://github.com/Impact-I/x8-Burp
#Tool
#Extension
#BurpSuite
@web_priv8
GitHub
GitHub - Sh1Yo/x8: Hidden parameters discovery suite
Hidden parameters discovery suite. Contribute to Sh1Yo/x8 development by creating an account on GitHub.