api 11

👩‍💻IW Weekly #117: API Hacking, Hacking Large Corporations, CrushFTP Exploit, NextJS & Cache Poisoning, Prototype Pollution, Nested Deserialization and many more… Jul 1, 2024
👩‍💻IW Weekly #114: 4-Step Bug Hunting Methodology, CVE-2024-4358, Reflector, Bypass SSL Pinning, GraphQL API Vulnerabilities and many more… Jun 10, 2024
👩‍💻IW Weekly #100🎉Server-Side Prototype Pollution, Zero-Click ATO Exploit, SSRF Bugs, GRX Interface address using TCP, GraphQL API Schemas, XSS for ATO, IDOR, Unicode Normalization and many more… Mar 4, 2024
👩‍💻IW Weekly #86: CVE-2023-46729, Hacked Google’s Bug Tracking System, Outsmarting AI Models, Sandbox Escaping, Self-Redirect to XSS, Critical 0-day XXE to SSRF and many more… Nov 20, 2023
👩‍💻IW Weekly #75: Privilege Escalation by request manipulation, PII Disclosure by manipulating parameters, PII leak using misconfigured API, CRLF to XSS, Blind SSRF with Out-of-band Detection and many more.. Sep 4, 2023
👩‍💻IW Weekly #66: Citrix Gateaway-XSS, Web cache Deception, DNS Analyzer, ATO to XSS in GarphQL API, AWS S3 Bucket Leaks, $250K Coinbase API Hack and many more… Jul 3, 2023
Scraping the bottom of the CORS barrel (part 1) Aug 4, 2022
Bypassing Firefox's HTML Sanitizer API Jun 29, 2022
KiteRunner – Hacker Tools: Next-level API hacking 👩‍💻 Sep 7, 2021
Leveraging an SSRF to leak a secret API key Jun 22, 2020
Closing the Loop: Practical Attacks and Defences for GraphQL APIs May 15, 2020

Trending Tags

newsletter bypass xss cve web rce security exploit takeover app