n3mo

Collision – The VNG Security Response Center was able to execute a 2-bug chain against the QNAP TS-464. However, the exploit they used was previously known. They still earn $5,000 and 1 Master of Pwn point. #Pwn2Own

We're really happy to share our improvements and some experiments for the CookieMonster tool. Weaponizing Monster for Cookies Attacks: vsrc.vng.com.vn/blog/weaponizi… Also include burp-extender plugin for burp suite. Hope you guys enjoy it. ~Cheers, VSRC

This summer's transfer window was wild 🤑 twitter.com/brfootball/sta…

Ladies and Gentlemen: The new Dojo opens to welcome black belt Hackers to fight for honor!!! #VSRC Liferay revisited: A tale of 20k$. vsrc.vng.com.vn/blog/liferay-r… Hope you guys enjoy it and stay tuned for more technique writeups / blogs / exploits ... will come. ~Cheers, VSRC

1/10 - I've been doing offensive security source code review for a long time now, and along the way I've learnt a lot of lessons that can make you more effective. Some of them include:

I've released the first episode of Bug Bounty Redacted today (Exposed Redis & HAProxy): youtube.com/watch?v=mWNaGn… This series walks you through real bug bounty reports that were rewarded, and explains the discovery process, and reporting process in detail. New episodes Monthly!

Polaris rolled out protection for our customers using our Web Application & API Protection against log4j2 vulnerability (CVE-2021-44228). We have refined the rules to block more advanced WAF bypass payloads. polarisec.com

Slides for our(@rootxharsh) BSides AMD talk Felt good sharing on the speakerdeck because I learned a lot of cool stuff from Filedescriptor's and Masato's slides on speakerdeck. speakerdeck.com/s1r1us/a-tale-…

@arkark_ can i get this blog?

ぐわー、なんで String.SafetifyRegExp を汚染する方を思いつかなかったんだ。シンプルな問題で好き

Our Pre-Auth RCE exploit for Atlassian Confluence (CVE-2021–26084) was leaked after reporting it to @VMware. They have refused to admit the leak and ignored our emails. tradahacking.vn/atlassian-conf…

using z3 to reverse a custom hash during a CTF be like

👺XSTREAM<=1.4.17: -CVE-2021-39141（RCE） - CVE-2021-39144（RCE） - CVE-2021-39150（SSRF） - CVE-2021-39152（SSRF). PoC github.com/zwjjustdoit/Xs…

野生のフクロウ、間違えて一瞬だけ気持ちよくなる twitter.com/po__kaki__to/s…

Get ready for the 2021 Google CTF! Runs for 48 hours, starting Saturday, July 17, 00:01 UTC! Details: security.googleblog.com/2021/06/get-re…

Finally, a use for math! "The Ransomware Song"

@ptracesecurity may you dont need to brute reset-token!

I found two more!!! #XSs #payloads 1. stop:alert() 2. posting:alert() 3. nonesense:alert() 4. bugbountytips:alert() 5. please:alert() 6. thank:alert() 7. you:alert() 8. bro:alert() #bugbountytips