Reflected XSS in Tokopedia Train Ticket
Using Burp Suite match and replace settings to escalate your user privileges and find hidden features
Get as image function pulls any Insights/NRQL data from any New Relic account (IDOR)
GraphQL abuse: Bypass account level permissions through parameter smuggling
Abusing internal API to achieve IDOR in New Relic
Cracking the lens: targeting HTTP's hidden attack-surface