The Bug Bounty Hunter

2022-08-19 21:10:06 Critical Local File Read in Electron Desktop App

https://bugcrowd.com/disclosures/f7ce8504-0152-483b-bbf3-fb9b759f9f89/critical-local-file-read-in-electron-desktop-app Open / Comment

2022-08-18 20:24:01 Intigriti chats to Will Chilcutt of Yahoo’s Infosecurity team about their upcoming live hacking event

https://blog.intigriti.com/2022/08/18/intigriti-chats-will-chilcutt-yahoos-infosecurity-team-about-their-upcoming-live-hacking-event/ Open / Comment

2022-08-18 19:16:50 Building Your Own Historical DNS Solution with DNSx

https://blog.projectdiscovery.io/building-your-own-historical-dns-solution-with-dnsx/ Open / Comment

2022-08-18 19:15:24 Browser-Powered Desync Attacks

A New Frontier in HTTP Request Smuggling

https://i.blackhat.com/USA-22/Wednesday/us-22-Kettle-Browser-Powered-Desync-Attacks.pdf Open / Comment

2022-08-18 00:55:00 Let's Dance in the Cache - Destabilizing Hash Table on Microsoft IIS!

https://blog.orange.tw/2022/08/lets-dance-in-the-cache-destabilizing-hash-table-on-microsoft-iis.html Open / Comment

2022-08-17 21:10:01 Bypass Captcha using Turbo Intruder leads to Bruteforce attack - Bug Bounty

https://www.cyberick.com/post/bypass-captcha-using-turbo-intruder-leads-to-bruteforce-attack-bug-bounty Open / Comment

2022-08-16 17:25:03 How I found an XSS vulnerability via using emojis

https://medium.com/@fpatrik/how-i-found-an-xss-vulnerability-via-using-emojis-7ad72de49209 Open / Comment

2022-06-23 16:25:33 ChainWalker is a smart contract scraper which uses RCP/IPC calls to extract the information

https://github.com/0xsha/ChainWalker Open / Comment

2022-06-23 16:15:13 Blocksec CTFs
A curated list of blockchain security Wargames, Challenges, and Capture the Flag (CTF) competitions and solution writeups.

https://github.com/blockthreat/blocksec-ctfs Open / Comment

2022-06-23 14:30:29 Miracle - One Vulnerability To Rule Them All

https://peterjson.medium.com/miracle-one-vulnerability-to-rule-them-all-c3aed9edeea2 Open / Comment