| P3 (Medium) : How I Gain Access To NASA's Internal Workspace?! |
|
|
|
| How I Got Bugs From Google Dorks |
|
|
|
| How I can easily get four P1 at NASA using Simple Google Dorking. |
|
|
|
| Vulnerabilities in Homepage Dashboard |
|
|
|
| How 1 Exposed Honeywell API Gave us Control Over an Internal Engineering System |
|
|
|
| $1600 Bounty on a Main Domain |
|
|
|
| Breaking the Barrier: Admin Panel Takeover Worth $3500 |
|
|
|
| Bucket Monopoly: Breaching AWS Accounts Through Shadow Resources |
|
|
|
| How I Got Critical P2 Bug on Google VRP |
|
|
|
| ElasticSearch Smash & Grab |
|
|
|
| NO_WILDCARD: How I discovered the Organization ID of any AWS Account |
|
|
|
| Information Disclosure that made me $2000 in under 5 minutes |
|
|
|
| How I Found and Bypassed a Spring Boot Actuator Information Disclosure Bug |
|
|
|
| Traeger Grill D2 Wi-Fi Controller, Version 2.02.04 |
|
|
|
| Finding Hidden Threats: How I Found Leaked AWS Credentials in an Android App API Using DAST |
|
|
|
| 17 vulnerabilities in Sharp Multi-Function Printers |
|
|
|
| How I compromised 1500 accounts/month with no technical skill |
|
|
|
| Phantom Secrets: Undetected Secrets Expose Major Corporations |
|
|
|
| Non-Production Endpoints as an Attack Surface in AWS |
|
|
|
| AWS CloudQuarry: Digging For Secrets In Public AMIs |
|
|
|
| How i Find Database Credentials via Mass Recon & Recon Scoping on Gcash |
|
|
|
| How i Manage to Get Sensitive Informations via docker image |
|
|
|
| LeakyCLI: AWS and Google Cloud Command-Line Tools Can Expose Sensitive Credentials in Build Logs |
|
|
|
| $20,300 Bounties from a 200 Hour Hacking Challenge |
|
|
|
| Leaking ObjRefs to Exploit HTTP .NET Remoting |
|
|
|
writeups.xyz
/
Information Disclosure