exploit 25

• 👩‍💻IW Weekly #129: Google VRP Blog, CVE-2024-29847 Exploit, Hotstar Hacked, Bug Bounty Tips, OSINT Explained, and many more… Sep 23, 2024
• 👩‍💻IW Weekly #125: AWS ALBeast Vulnerability, SSRF Bug In Microsoft’s Copilot Studio, Cache Misconfiguration Exploit, Web Caching, DEF CON 32, Game Hacking, and many more… Aug 26, 2024
• Gotta cache 'em all: bending the rules of web cache exploitation Aug 8, 2024
• Splitting the email atom: exploiting parsers to bypass access controls Aug 7, 2024
• Fickle PDFs: exploiting browser rendering discrepancies Jul 9, 2024
• 👩‍💻IW Weekly #117: API Hacking, Hacking Large Corporations, CrushFTP Exploit, NextJS & Cache Poisoning, Prototype Pollution, Nested Deserialization and many more… Jul 1, 2024
• 👩‍💻IW Weekly #104: ClickHouse, Velociraptor, WAF bypass techniques, Path Traversal Vulnerabilities, io_uring Vulnerability in Ubuntu, Shockwave Attack Surface Management, .NET Remoting Exploits, Github dorks and many more… Apr 1, 2024
• 👩‍💻IW Weekly #100🎉Server-Side Prototype Pollution, Zero-Click ATO Exploit, SSRF Bugs, GRX Interface address using TCP, GraphQL API Schemas, XSS for ATO, IDOR, Unicode Normalization and many more… Mar 4, 2024
• 👩‍💻IW Weekly #97: XSS on Microsoft Whiteboard and Excalidraw, ChatGPT Account Takeover, reverse engineered ESP32-based air purifier, advanced HTTP header exploitation techniques, PikaBot Malware Analysis and many more… Feb 12, 2024
• 👩‍💻IW Weekly #94: 2FA Bypass, Decoding Obfuscated JavaScript, Exploiting Password Reset Functionality, AWS S3 Bucket Takeover, Invisible Prompt Injections and many more… Jan 22, 2024
• High Signal Detection and Exploitation of Ivanti's Pulse Connect Secure Auth Bypass & RCE Jan 18, 2024
• 👩‍💻IW Weekly #92: Cloudflare Pages Vulnerabilities Analysis, CORS Cache Exploitation Automating RTFM with ChatGPT, Shrewdeye Bash, XSS to ATO, Bypassing Door Passwords and many more… Jan 8, 2024
• 👩‍💻IW Weekly #89: Business Logic Vulnerability, DNS Poisoning, XSS Exploitation to Steal Credentials, Payment Processor Hacking, Second Order SQL Injections, Blind CSS Exfiltration, Symfony Exploits and many more… Dec 11, 2023
• Finding and Exploiting Citrix NetScaler Buffer Overflow (CVE-2023-3519) (Part 3) Aug 8, 2023
• Exploiting XSS in hidden inputs and meta tags Jul 11, 2023
• Exploiting prototype pollution in Node without the filesystem Mar 23, 2023
• Exploiting Web3's Hidden Attack Surface: Universal XSS on Netlify's Next.js Library Sep 21, 2022
• Exploiting Improper Validation of Amazon Simple Notification Service SigningCertUrl Aug 29, 2022
• You Have One New Appwntment: Exploiting iCalendar Properties in Enterprise Applications Aug 18, 2022
• uBlock, I exfiltrate: exploiting ad blockers with CSS Dec 6, 2021
• ROP and Roll: EXP-301 Offensive Security Exploit Developer (OSED) Review and Exam Jun 23, 2021
• A Tale of Two Formats: Exploiting Insecure XML and ZIP File Parsers to Create a Web Shell Feb 18, 2020
• Filling in the Blanks: Exploiting Null Byte Buffer Overflow for a $40,000 Bounty Nov 1, 2019
• Exploiting Directory Traversal to View Customer Credit Card Information on Yahoo's Small Business Platform Nov 10, 2017
• Exploiting Markdown Syntax and Telescope Persistent XSS through Markdown (CVE-2014-5144) Feb 7, 2015