e3xpl0it

🍃 Are you stuck on authorization bypass in a Spring app? This tip can be helpful to you!

💰 New article by our researcher Andrey Bachurin: "Binance Smart Chain Token Bridge Hack" The article explains the technical details of one of the largest cryptocurrency hacks ever. Read the blog post: swarm.ptsecurity.com/binance-smart-…

🧙‍♂️ CVE-2022-44268 - a vulnerability in ImageMagick that could lead to an arbitrary file read. How does it work? See here 👇

💬 New article by our researcher Aleksey Solovev: "MyBB <= 1.8.31: Remote Code Execution Chain". 🐞 Abusing Nested Parsers Conditions for getting XSS 🐞 From Privileged SQL Injection to RCE Read the article: swarm.ptsecurity.com/mybb-1-8-31-re…

🏆 Our nominees for @PortSwigger Top 10 of 2022! 1️⃣ Jetty Features for Hacking Web Apps 2️⃣ Exploiting Arbitrary Object Instantiations in PHP without Custom Classes 3️⃣ Discovering Domains via a Time-Correlation Attack on Certificate Transparency Vote here:portswigger.net/polls/top-10-w…

✅ A simple way to merge manifests for an Android app.

⚓️ New article by our researcher @m1ke_n1: "Jetty Features for Hacking Web Apps". Read the research: swarm.ptsecurity.com/jetty-features…

📝New research by @lmpact_l: "Fork Bomb for Flutter" There are more and more Flutter applications, and security analysis of these apps is in high demand. Our member Phil shares his knowledge and presents his reFlutter tool. Read the article: swarm.ptsecurity.com/fork-bomb-for-…

😼 You discovered an XSS, but it has no impact? Our mobile hacker @lmpact_l knows the drill 🤑🔽

🐳 Red Hat fixed an Unauth XXE (CVE-2022-2414) in FreeIPA found by our researcher @elk0kc. In some cases, it allows attackers to read the Directory Manager password from the config of FreeIPA and take full control of the infrastructure. Advisory: access.redhat.com/security/cve/C…

🦺 A set of Jiggler Keys is the most practical tool for a penetration tester when operating on-site! Jiggle your way into any cabinet in a matter of seconds!

🙀 Our researcher Arseniy Sharoglazov found a new technique for discovering second-level domains! Useful for: 🐞 Bughunters, for discovering vulns on new domains 🐛 Threathunters, for discovering malicious domains 🎃 Everyone else Read the research: swarm.ptsecurity.com/discovering-do…

🔥 A tip for getting RCE in Jetty apps with just one XML file!

🚨 New article by our researcher Aleksey Solovev: "Researching Open Source apps for XSS to RCE flaws". Read the article: swarm.ptsecurity.com/researching-op…

🥳 We have reproduced an Arbitrary File Read for an internal site of Skype for Business / MS Lync! CVE: CVE-2022-26911 Subdomains: dialin, meet, lyncdiscover, sip, ... Original advisory: lab.viettelcybersecurity.com/advisories/VCS… The PoC ⤵️

💥 New attack! Our researcher Arseniy Sharoglazov discovered a PHP's Arbitrary Object Instantiation with no user-defined classes. It was turned to RCE! Read the research: swarm.ptsecurity.com/exploiting-arb…

🥷 Useful hotkeys to become @Burp_Suite ninja

🧩 Zoneminder fixed a Post-Auth RCE found by our researcher Ilya Yatsenko (@fulc2um). See details in the advisory 👉 github.com/ZoneMinder/zon…

💥 We have reproduced CVE-2022-31626, an RCE in PHP <= 7.4.29 which can be triggered via a rogue MySQL/MariaDB server! It's a Heap Overflow, works with MySQLi/PDO, and doesn't require LOAD LOCAL INFILE. The PoC 👉 github.com/CFandR-github/…

🚒 Invision Community fixed an SSRF vulnerability (CVE-2021-40604) found by Mikhail Klyuchnikov! Timeline: ✅ 06/23/2021 - The advisory is published 😒 06/24/2021 - Requested CVE via MITRE 😀 06/13/2022 - CVE was assigned The PoC ⤵️ The "gkey" param is an unfollow token.