!
也想出现在这里? 联系我们
创意广告

bugbounty技巧聚合20211110

漏洞报告

【Internet Bug Bounty 4,000 USD】Path traversal and file disclosure vulnerability in Apache HTTP Server 2.4.49
https://hackerone.com/reports/1394916

【Rockset】Failure to Invalid Session after Password Change
https://hackerone.com/reports/957557

【Rockset】A member-member privilege could access the https://console.rockset.com/billing?tab=payment page even though the billing page is hidden from the menu
https://hackerone.com/reports/946384

挖洞技巧

Becoming A Super Admin In Someone Elses Gsuite Organization And Taking It Over
https://secreltyhiddenwriteups.blogspot.com/2021/11/becoming-super-admin-in-someone-elses.html

挖洞工具

A burp-suite plugin that extract all parameter names from in-scope requests
https://github.com/Co0nan/ParamsExtractor

文字来源于- 火线 Zone-云安全社区,安全小天地只做文章分享,如有侵权,请联系站长删除


「渗透云记」公众号里主要记录我每天的所思所想,我会坚持更新质量不错的文章,感兴趣的小伙伴可以扫描下方二维码,谢谢支持! 安全小天地 - 公众号 - 渗透云记
© 版权声明
THE END
喜欢就支持一下吧
点赞9 分享
评论 抢沙发

请登录后发表评论

    请登录后查看评论内容