bugbounty技巧聚合20211124

漏洞报告

【XVIDEOS 】No-Rate limit of current password on delete account endpoint(https://www.xvideos.com/account/close)
https://hackerone.com/reports/1392287

【DigitalOcean】Blind XSS via Digital Ocean Partner account creation form.
https://hackerone.com/reports/880591

挖洞技巧

Hacking the Cloud
https://hackingthe.cloud/

Aruba in Chains: Chaining Vulnerabilities for Fun and Profit
https://alephsecurity.com/2021/07/15/aruba-instant/

Our 3rd annual bug bounty contest: the swagtastic sequel to the sequel
https://about.gitlab.com/blog/2021/11/01/3rd-annual-bug-bounty-contest/#-increased-bounties-across-all-bounty-ranges-

Reverse engineering & modifying Android apps with JADX & Frida
https://httptoolkit.tech/blog/android-reverse-engineering/

CVE Trends
https://cvetrends.com/

挖洞工具

条件竞争测试
https://github.com/Cache-Money/chronorace

文字来源于- 火线 Zone-云安全社区,安全小天地只做文章分享,如有侵权,请联系站长删除


「渗透云记」公众号里主要记录我每天的所思所想,我会坚持更新质量不错的文章,感兴趣的小伙伴可以扫描下方二维码,谢谢支持! 安全小天地 - 公众号 - 渗透云记
© 版权声明
THE END
喜欢就支持一下吧
点赞9 分享
评论 抢沙发

请登录后发表评论

    请登录后查看评论内容