ssrf 13
- 👩💻IW Weekly #132: Account Takeover on Palo Alto Networks, SQLi Cheat Sheet, Pre-Auth SQL Injection in WhatsUp Gold, SSRF Automation, Bypassing Sanitizers using MXSS, and many more…
- 👩💻IW Weekly #125: AWS ALBeast Vulnerability, SSRF Bug In Microsoft’s Copilot Studio, Cache Misconfiguration Exploit, Web Caching, DEF CON 32, Game Hacking, and many more…
- 👩💻IW Weekly #122: SSRF, Password Reset Vulnerability, XSS in Hotjar, Single-Packet Attack, WhatsApp Desktop Code Execution, Business Logic Errors and many more…
- 👩💻IW Weekly #111: SSRF in NextJS, Blind SSRF on WordPress, ChatGPT Rate Limit Bypass, IDOR at Swiggy and many more...
- 👩💻IW Weekly #100🎉Server-Side Prototype Pollution, Zero-Click ATO Exploit, SSRF Bugs, GRX Interface address using TCP, GraphQL API Schemas, XSS for ATO, IDOR, Unicode Normalization and many more…
- 👩💻IW Weekly #98: Image to RCE, MySQL Server Access, Hacking College Website, RCE on Apple’s Production Server, Web-Cache Deception Vulnerability, Github Code Search, SSRF on Vercel and many more…
- 👩💻IW Weekly #86: CVE-2023-46729, Hacked Google’s Bug Tracking System, Outsmarting AI Models, Sandbox Escaping, Self-Redirect to XSS, Critical 0-day XXE to SSRF and many more…
- 👩💻IW Weekly #75: Privilege Escalation by request manipulation, PII Disclosure by manipulating parameters, PII leak using misconfigured API, CRLF to XSS, Blind SSRF with Out-of-band Detection and many more..
- 👩💻IW Weekly #74: RCE through Dependency Confusion, 2FA bypass in Meta, Client side Prototype pollution and its prevention, Paywall bypass, SSRF tricks and many more..
- 👩💻IW Weekly #71: Introduction to AD pentesting, XSS via exported activity, using HOTW to leak CSRF token, full access to airline points, SSRFs and many more..
- 👩💻IW Weekly #67: Joining Google as Red Teamer, Finding 100 vulnerabilities, Tale of DOM-XSS, Impactful SSRF, Busting fake Privacy Policy and many more..
- A Glossary of Blind SSRF Chains
- Leveraging an SSRF to leak a secret API key