Broken Object Level Authorization (BOLA) is one of the most critical API vulnerabilities, and it consistently ranks at the top of OWASP API risks.
It occurs when an API fails to verify whether the authenticated user has permission to access the specific object they request.
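As an added illustration (not part of the post above), here is a constructed Python object-lookup handler with and without the object-level ownership check, plus a small authorization regression test; the invoice store, user ids and invoice ids are made-up sample data.

```python
# Added example: minimal BOLA pattern and its fix. All data is constructed.
from dataclasses import dataclass
from typing import Callable, Dict, Optional


@dataclass(frozen=True)
class Invoice:
    invoice_id: int
    owner_id: int
    amount_cents: int


# Constructed sample store: two users, each owning one invoice.
INVOICES: Dict[int, Invoice] = {
    101: Invoice(invoice_id=101, owner_id=1, amount_cents=4200),
    102: Invoice(invoice_id=102, owner_id=2, amount_cents=9900),
}


def get_invoice_bola(caller_id: int, invoice_id: int) -> Optional[Invoice]:
    """Vulnerable: the caller is authenticated (caller_id is known), but the
    handler never checks that the caller owns the requested invoice, so any
    logged-in user can read any invoice by changing invoice_id."""
    return INVOICES.get(invoice_id)


def get_invoice_fixed(caller_id: int, invoice_id: int) -> Optional[Invoice]:
    """Fixed: load the object, then enforce object-level authorization by
    comparing the object's own owner_id with the authenticated caller.
    A missing object and a foreign object both yield the same result so the
    response does not reveal whether an id exists."""
    invoice = INVOICES.get(invoice_id)
    if invoice is None or invoice.owner_id != caller_id:
        # Production code would also log the denied access: repeated denials
        # across sequential ids from one caller are a useful detection signal.
        return None
    return invoice


Handler = Callable[[int, int], Optional[Invoice]]


def foreign_objects_exposed(handler: Handler, caller_id: int) -> int:
    """Authorization regression test: count objects the handler returns to
    caller_id that caller_id does not own. A correct handler returns 0."""
    return sum(
        1
        for inv_id, inv in INVOICES.items()
        if inv.owner_id != caller_id and handler(caller_id, inv_id) is not None
    )
```

Running `foreign_objects_exposed` against every handler in a test suite catches a missing ownership check before it ships.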
🚨Junior/Advanced security researchers - this is for you!!!
A new Training Hub that teaches you web3 vulnerability patterns and thinking as an attacker. Thanks to @ValvesSec, great job👏
URL: training.valvessecurity.com/train
How I Discovered a Blind SQL Injection in a Private program
medium.com/@mrx_w_/how-i-discovered-a-blind-sql-injection-in-a-private-program-7eebd77ad286
WAF bypass 101 #bugbountytips:
If the request is a POST/PUT/PATCH, many times the WAF will stop reading the payload after a certain number of characters, which varies from WAF to WAF and by configuration settings. This means you can insert harmless alphanumeric garbage to exceed its read limitation, and then your naughty payloads/injection comes after and will NOT be blocked. YAY
So in your payloads, if you add a new parameter as the FIRST parameter in the payload body, such as:
{"trash":"value", ... the rest of the payload}
or
trash=gibberish& ...theRestOfThePayload
I use the website below to generate the garbage:
onlinefiletools.com/generate-rando…
Start with 256KB in file size, copy and paste the text into your parameter, and then add something that would normally cause a WAF block into one of the other parameters. I tried to show an example here but it blocked me from posting the example (LOL).
Keep increasing gibberish size up to 2MB. If it doesn't work by then it usually won't on that target. Have fun!
They killed my Discord server today.
Why? Because I was sharing free security content with beginners. That's it. That's the crime.
No courses. No upsells. No "DM me for mentorship at $200/hr." Just free game. Recon methodology, AI workflows for hunting, how to actually land your first bounty. Stuff I had to figure out alone because nobody would teach me.
And someone looked at that and said nah, shut it down. Let beginners stay ignorant.
Cool.
You just told on yourself. Nobody wastes energy attacking something that doesn't matter.
To the beginners who were in there — I see you. You're not losing anything. We move. Same energy, new address.
I'm on Telegram now: t.me/onehackerspace
Pull up. We're not stopping.
Hunting for IDORs: How I Accessed PII on a Popular Ticketing Site!
medium.com/@vanshrathore64/hunting-for-idors-how-i-accessed-pii-on-a-popular-ticketing-site-d7aa5f9542f2
Earlier today, a malicious actor gained unauthorized access to Drift Protocol through a novel attack involving durable nonces, resulting in a rapid takeover of Drift’s Security Council administrative powers.
This was a highly sophisticated operation that appears to have involved multi-week preparation and staged execution, including the use of durable nonce accounts to pre-sign transactions that delayed execution.