| Zoom Session Takeover - Cookie Tossing Payloads, OAuth Dirty Dancing, Browser Permissions Hijacking, and WAF abuse |
|
|
|
| Google OAuth is broken (sort of) |
|
|
|
| I Hope This Sticks: Analyzing ClipboardEvent Listeners for Stored XSS |
|
|
|
| Pre-hijacked accounts: An Empirical Study of Security Failures in User Account Creation on the Web |
|
|
|
| Spoofing SaaS Vanity URLs for Social Engineering Attacks |
|
|
|
| Zooming in on Zero-click Exploits |
|
|
|
| Zoom RCE from Pwn2Own 2021 |
|
|
|
| Part 2: Dive into Zoom Applications |
|
|
|
| Part-1 Dive into Zoom Applications |
|
|
|
| Link Previews: How a Simple Feature Can Have Privacy and Security Risks |
|
|
|
| Hacking Zoom: Uncovering Tales of Security Vulnerabilities in Zoom |
|
|
|
| Zoom Security Exploit – Cracking private meeting passwords |
|
|
|
| XSS in Zoom.us Signup Flow |
|
|
|
| Patched Zoom Exploit: Altering Camera Settings via Remote SQL Injection |
|
|
|
| How i hacked worldwide ZOOM users |
|
|
|
| Remotely Hijacking Zoom Clients |
|
|
|
writeups.xyz
/
Zoom