!
也想出现在这里? 联系我们
创意广告

bugbounty技巧聚合20211105

漏洞报告

【Kubernetes 1,000 USD】Man in the middle using LoadBalancer or ExternalIPs services
https://hackerone.com/reports/764986

【Internet Bug Bounty 1,200 USD】Request line injection via HTTP/2 in Apache mod_proxy
https://hackerone.com/reports/1391549

【Logitech 200 USD】Steal any users access_token via open redirect in https://streamlabs.com/global/identity?popup=1&r=
https://hackerone.com/reports/1327742

挖洞技巧

Finding and Fixing DOM-based XSS with Static Analysis
https://blog.mozilla.org/attack-and-defense/2021/11/03/finding-and-fixing-dom-based-xss-with-static-analysis/

Escalating XSS to Sainthood with Nagios
https://blog.grimm-co.com/2021/11/escalating-xss-to-sainthood-with-nagios.html

Taking Azure Container Apps for a spin
https://blog.baeke.info/2021/11/03/taking-azure-container-apps-for-a-spin/

文字来源于- 火线 Zone-云安全社区,安全小天地只做文章分享,如有侵权,请联系站长删除


「渗透云记」公众号里主要记录我每天的所思所想,我会坚持更新质量不错的文章,感兴趣的小伙伴可以扫描下方二维码,谢谢支持! 安全小天地 - 公众号 - 渗透云记
© 版权声明
THE END
喜欢就支持一下吧
点赞8 分享
评论 抢沙发

请登录后发表评论

    请登录后查看评论内容