how to hack discord, vercel and more with one easy trick kibty.town/blog/mintlify/

the person who discovered the #react2shell vulnerability should get paid $1m

CloudRip Fast Cloudflare bypass scanner Find real server IPs behind Cloudflare by scanning subdomains. Multi-threaded for speed, skips Cloudflare-owned IPs, supports custom or built-in wordlists, and exports results. Built-in rate limiting to avoid getting blocked REPO ⤵️

I have seen lot of stupid things lately concerning CS, EDR's and Windows drivers. I wrote a, not so bad I guess, long blog post explaining how to build a windows driver, why EDR's need them, and how EDR's work, might be helpful 🤪 blog.whiteflag.io/blog/from-…

And we're live! dorkme.com/ Google ✅ Bing ✅ Baidy ✅ DuckDuckGo ✅ Yahoo/AOL ✅ CLI Tool ✅ Take your dorking to the next level, all feedbacks are appreciated! <3 #bugbounty #infosec #dork #dorking #seo #automation

BleedingTooth: Linux Bluetooth Zero-Click Remote Code Execution google.github.io/security-re…

I am thrilled to share my first two CVE assignments CVE-2023-50694 and CVE-2023-50693 for discovering HTTP request smuggling vulnerabilities in HTTPbeast and Jester, both written in Nim language. tenable.com/cve/CVE-2023-506… tenable.com/cve/CVE-2023-506…

You can now discover subdomains with HackerGPT.

I published a new blog post about how I chained two vulnerabilities I found in Huawei NetEngine AR617VW to achieve post-auth RCE wr3nchsr.github.io/huawei-ne…

Your printer is not your printer ! - Hacking Printers at Pwn2Own by @d3vc0r3 devco.re/blog/2023/10/05/you… devco.re/blog/2023/11/06/you… infosec.exchange/@raptor/111…

We stand with Gaza

Per popular demand, here are my 30 reversing tips all together in one blog post 🤩 blog.vastart.dev/2020/04/guy…

new ctf tactic for pwners: a flexible arbitrary write -> rce primitive that doesn't rely on the linker, io objects, or malloc. it's in how your program chooses between SSE or AVX when doing a memcpy! hackmd.io/@pepsipu/SyqPbk94a

Like many others, I'm very excited for #37C3. It does however seem like there will be no #CTF this time. We did some brainstorming in the CTF Discord and came up with the idea of a "CCC Potluck CTF". Please read about it and potentially contribute: forms.gle/FaPGE492s9rPzCGQ6

api is amazing, lifting new arch is sooo simple with binary ninja. I'm currently lifting vm based obfuscation, following @samrussellnz amazing blog series lodsb.com/lifting-vm-based-o…

Google has a built in Open Redirect you can chain: https://google[.]com/amp/s/poc.rhynorater.com

Route to Bugs: Analyzing the Security of BGP Message Parsing i.blackhat.com/BH-US-23/Pres… [PDF]