KERRO

how to hack discord, vercel and more with one easy trick kibty.town/blog/mintlify/

the person who discovered the #react2shell vulnerability should get paid $1m

CloudRip Fast Cloudflare bypass scanner Find real server IPs behind Cloudflare by scanning subdomains. Multi-threaded for speed, skips Cloudflare-owned IPs, supports custom or built-in wordlists, and exports results. Built-in rate limiting to avoid getting blocked REPO ⤵️

I have seen lot of stupid things lately concerning CS, EDR's and Windows drivers. I wrote a, not so bad I guess, long blog post explaining how to build a windows driver, why EDR's need them, and how EDR's work, might be helpful 🤪 blog.whiteflag.io/blog/from-wind…

And we're live! dorkme.com Google ✅ Bing ✅ Baidy ✅ DuckDuckGo ✅ Yahoo/AOL ✅ CLI Tool ✅ Take your dorking to the next level, all feedbacks are appreciated! <3 #bugbounty #infosec #dork #dorking #seo #automation

BleedingTooth: Linux Bluetooth Zero-Click Remote Code Execution google.github.io/security-resea…

I am thrilled to share my first two CVE assignments CVE-2023-50694 and CVE-2023-50693 for discovering HTTP request smuggling vulnerabilities in HTTPbeast and Jester, both written in Nim language. tenable.com/cve/CVE-2023-5… tenable.com/cve/CVE-2023-5…

You can now discover subdomains with HackerGPT.

@SuperFashi1 :o

it unfortunately got to my old apartment🥲

I published a new blog post about how I chained two vulnerabilities I found in Huawei NetEngine AR617VW to achieve post-auth RCE wr3nchsr.github.io/huawei-netengi…

Your printer is not your printer ! - Hacking Printers at Pwn2Own by @d3vc0r3 devco.re/blog/2023/10/0… devco.re/blog/2023/11/0… @raptor/111470231204291269" target="_blank" rel="nofollow noopener">infosec.exchange/@raptor/111470…

We stand with Gaza

Per popular demand, here are my 30 reversing tips all together in one blog post 🤩 blog.vastart.dev/2020/04/guys-3…

new ctf tactic for pwners: a flexible arbitrary write -> rce primitive that doesn't rely on the linker, io objects, or malloc. it's in how your program chooses between SSE or AVX when doing a memcpy! @pepsipu/SyqPbk94a" target="_blank" rel="nofollow noopener">hackmd.io/@pepsipu/SyqPb…

Like many others, I'm very excited for #37C3. It does however seem like there will be no #CTF this time. We did some brainstorming in the CTF Discord and came up with the idea of a "CCC Potluck CTF". Please read about it and potentially contribute: forms.gle/FaPGE492s9rPzC…

@Farenain @yates82 @vector35 api is amazing, lifting new arch is sooo simple with binary ninja. I'm currently lifting vm based obfuscation, following @samrussellnz amazing blog series lodsb.com/lifting-vm-bas…

@RahmatQurishi @zseano Google has a built in Open Redirect you can chain: https://google[.]com/amp/s/poc.rhynorater.com