rce 31
- [HackerNotes Ep.108] How to Hack Salesforce, ServiceNow, and Other SaaS Products With Aaron Costello
- 👩💻IW Weekly #121: RCE on Kafka UI, $2000 Bounty, Advanced SQL Injection Techniques, AWS Cognito Misconfigurations, Payment Bypass, and many more…
- 👩💻IW Weekly #119: Universal Code Execution, Evernote RCE, Multiple ServiceNow CVEs, Escalating XSS Using Password Managers, DOMPurify Bug, CSS Injections and many more…
- 👩💻IW Weekly #115: Abusing Auto-Mail Responders, $25,000 Github Takeover, AI in Bug Hunting, RCE on Tenda AC8 Router, GraphQL Hacking and many more…
- 👩💻IW Weekly #113: Subdomain Takeovers to Credential Leaks, Stored XSS to RCE, VSCode SFTP File Exposure, $203K Bounties for Bugs in Azure Health Bot and many more…
- 👩💻IW Weekly #107: CVE-2024-0333, $50,000 for hacking Google A.I, Auth-Bypass via Response Tampering, HTTP Request smuggling case study, Telegram RCE and many more…
- 👩💻IW Weekly #102: Raining RCEs on Citrix, Microsoft Outlook and Fortigate, Security flaws in ChatGPT and third-party plugins, CRLF Injection, and many more…
- 👩💻IW Weekly #98: Image to RCE, MySQL Server Access, Hacking College Website, RCE on Apple’s Production Server, Web-Cache Deception Vulnerability, Github Code Search, SSRF on Vercel and many more…
- Hiding payloads in Java source code strings
- High Signal Detection and Exploitation of Ivanti's Pulse Connect Secure Auth Bypass & RCE
- Bug Bytes #218 – Advent of Cyber, RCEs and hacking poems
- 👩💻IW Weekly #85: LFI to RCE, DoS Bugs, RXSS on Microsoft, Race Conditions, Finding Leaked Tokens, Bypassing URL Parsers and many more…
- 👩💻IW Weekly #80: Broken Access Control, XSS Basics, GraphQL Introspection Query, RCE Vulnerabilities, XSS Challenge, Scanners for Web Security Research and many more …
- RCE in Progress WS_FTP Ad Hoc via IIS HTTP Modules (CVE-2023-40044)
- 👩💻IW Weekly #79: RCE in Google Chrome, CVE-2023-40044, OIDC misconfiguration to ATO, accessing millions of call recordings and many more..
- 👩💻IW Weekly #76: Android Native Libraries, Proton Mail’s Security, Source Code & Secrets exposed on Top Websites, Zero Click Mass ATO, CSP Protection Bypass on Google, Hacking Online Casino and many more..
- 👩💻IW Weekly #74: RCE through Dependency Confusion, 2FA bypass in Meta, Client side Prototype pollution and its prevention, Paywall bypass, SSRF tricks and many more..
- 👩💻IW Weekly #70: NFT Bridge Vulnerability, CVE-2023-3519 Deep Analysis, RCE in Huawei Theme Manager, Preauth RCE in Metabase, Chaining Bugs for Session Hijack and many more..
- 👩💻IW Weekly #69: OpenSSH RCE, Xamarin Applications Reverse Engineering, Puzzled XSS, CVE-2023-3519 analysis, XSS and CORS bypass and many more..
- Chaining our way to Pre-Auth RCE in Metabase (CVE-2023-38646)
- Advisory: Metabase Pre-Auth RCE (CVE-2023-38646)
- 👩💻IW Weekly #68: Account Takeover using Custom OTP, CVE-2023-36934, Investigating EC2, XSS in hidden inputs, macOS user's real name brute-forced with mDNS and many more..
- Encrypted Doesn't Mean Authenticated: ShareFile RCE (CVE-2023-24489)
- Advisory: ShareFile Pre-Auth RCE (CVE-2023-24489)
- Remote Code Execution vs. Remote Command Execution vs. Code Injection vs. Command Injection vs. RCE
- How to achieve enterprise-grade attack-surface monitoring with open source software
- Pre-auth RCE in ForgeRock OpenAM (CVE-2021-35464)
- Life's a Peach (Fuzzer): How to Build and Use GitLab's Open-Source Protocol Fuzzer
- Open Sesame: Escalating Open Redirect to RCE with Electron Code Review
- Don't Force Yourself to Become a Bug Bounty Hunter
- Abusing URL Shortners to discover sensitive resources or assets