Introduction Getting started with bug hunting is hard. Platforms such as HackerOne and Bugcrowd provide ample legal targets. However, those…
This is part 2 of 2 thus far. See here for part 1 written up by Aaron. CVE-2020-25376 –…
Tested against – Subscribe Sidebar plugin by Blubrry v1.3.1 | WordPress v5.4.1 Reflected XSS [https://wordpress.org/plugins/subscribe-sidebar/](https://wordpress.org/plugins/subscribe-sidebar/) The “status” GET…
Myself and Guy recently decided to once again attempt to step into the world of Bug Hunting. Our previous attempts…
Hey guys, First up. Want to give a big thanks to Cyber_Jellyfish @ research.irukandjisec.com for taking the time to explain…
Overview Whilst studying for Cracking the Perimeter, you will come across many references to the Spike fuzzer. This is…
Introduction As part of my Cracking The Perimeter course, I am doing the usual recommendation of recreating exploits from exploit-db.…
Python3+ So I played around with writing a reverse shell in python that can run on both Windows and Linux…
This was made for a virtual environment that had restricted functions between the End Host and the Virtual Environment. Unable…