auth 21

[HackerNotes Ep.110] Oauth Gadget Correlation and Common Attacks Feb 14, 2025
👩‍💻IW Weekly #132: Account Takeover on Palo Alto Networks, SQLi Cheat Sheet, Pre-Auth SQL Injection in WhatsUp Gold, SSRF Automation, Bypassing Sanitizers using MXSS, and many more… Oct 14, 2024
👩‍💻IW Weekly #123: Web Timing Attacks, Confusion Attacks, LUCI AuthDB Leak, LHEs vs Pwn2Owns, Reverse Engineering 101 and many more… Aug 12, 2024
👩‍💻IW Weekly #120: Mass Request Smuggling, 1000$ Open Redirect, CSS Injection, Jupyter Auth Token Leak, CrowdStrike Issue and many more... Jul 22, 2024
👩‍💻IW Weekly #107: CVE-2024-0333, $50,000 for hacking Google A.I, Auth-Bypass via Response Tampering, HTTP Request smuggling case study, Telegram RCE and many more… Apr 22, 2024
👩‍💻IW Weekly #96: Windows Driver to Working EDR, Auth-Bypass within Ivanti’s Pulse Connect Secure, Infostealer Malware, Binary Emulation, Google Domain Tier Concepts and many more… Feb 5, 2024
High Signal Detection and Exploitation of Ivanti's Pulse Connect Secure Auth Bypass & RCE Jan 18, 2024
👩‍💻IW Weekly #92: Hacking Adobe For $50K, Google OAuth Hack, SSTI, Self XSS to Stored XSS, JSLuice Tips, Dealing With Burnout, SQL Injection Worth $4K and many more… Dec 25, 2023
👩‍💻IW Weekly #91: Hacking Adobe For $50K, Google OAuth Hack, SSTI, Self XSS to Stored XSS, JSLuice Tips, Dealing With Burnout, SQL Injection Worth $4K and many more… Dec 25, 2023
👩‍💻IW Weekly #87: Okta for Red Teamers, Hijacking OAuth, Account Hijacking via Invite Flows, Full Time Bug Bounty Hunting, Unpredictable IDs in IDOR and many more… Nov 27, 2023
👩‍💻IW Weekly #83: CVE-2023-4966, Address Bar Spoofing, SQLi to NTLM, Okta Breach, UPI Security, PII via Frontend Authentication Redirects and many more… Oct 30, 2023
👩‍💻IW Weekly #81: Chrome SOP Bypass, Unauthorized access to Admin panel, Access to Instagram’s private posts, Looney Tunable Linux Privilege escalation [CVE-2023-4911], NoSQL injections and many more… Oct 16, 2023
👩‍💻IW Weekly #78: OAuth Misconfiguration, Account Takeover, Virtual Hosts, SQL Injection, Hacker Tweets, Advanced Root Detection Bypass Techniques and many more.. Sep 25, 2023
👩‍💻IW Weekly #70: NFT Bridge Vulnerability, CVE-2023-3519 Deep Analysis, RCE in Huawei Theme Manager, Preauth RCE in Metabase, Chaining Bugs for Session Hijack and many more.. Jul 31, 2023
Chaining our way to Pre-Auth RCE in Metabase (CVE-2023-38646) Jul 22, 2023
Advisory: Metabase Pre-Auth RCE (CVE-2023-38646) Jul 21, 2023
Encrypted Doesn't Mean Authenticated: ShareFile RCE (CVE-2023-24489) Jul 4, 2023
Advisory: ShareFile Pre-Auth RCE (CVE-2023-24489) Jul 3, 2023
Pre-auth RCE in ForgeRock OpenAM (CVE-2021-35464) Jun 29, 2021
Hidden OAuth attack vectors Mar 24, 2021
Eradicating image authentication injection from the entire internet May 10, 2017

Trending Tags

newsletter bypass xss cve web rce security exploit takeover app