bugbounty Leveraging Expression Language Injection (EL Injection) for RCE Expression Language injection or EL Injection for short is an attack vector I'd never heard of until recently. This post talks about leveraging EL for RCE.
ltr101 NMAP Tips: RTFM? NMAP TL;DR It's a tool used for portscanning and this post will explore some of the common and useful flags that can be used while scanning to pick up
weekend LTR101: My First CloudFront Domain Takeover/Hijack Sub Domain Hijack Issue Hijack/takeover attacks can happen when a company creates a DNS entry that points to a third party service(CNAME Record), however, forget about the third
bugbounty May the Shells be with You - A Star Wars RCE Adventure! Intro Continuing the non-ltr101 posts for a second here is a quick write-up of a cool bug I found recently on a bounty program. It features Remote Code Execution via
learning Blind XXE - Hunting in the Dark Before getting into the post, this isn't anything brand new or leet in the area of XML External Entity (Blind XXE) attacks, it is purely something I came across and
tool [Tools Release] GoogD0rker & AttackDeploy This post serves as a quick description of two scripts I have written and published on my Github. It's not often that I take or even have the time to
ltr101 LtR101: Selling Yourself & Hacking Your Career Path Having the technical skills are great, going to meet-ups and making the social contacts is even better. What really gets you in the door though? Knowing people? A CV? Being
bugbounty Bug Bounty Forum AMA (x-post from BBF) Introduction What is your name, if you do not want to disclose your name, what is your handle/nickname? Where are you from? How long have you been hacking? How
ltr101 LtR101: Book Published After almost 6 months, today is the day I finally finished & published: Breaking Into Information Security: Learning the Ropes 101. What does this mean exactly? Well more blog posts
Getting Started Web Application Testing - Tooling Having given an introduction into web app testing it is now time to move onto the tooling. Noting that this is for testing and not specifically bug bounty hunting. The
Getting Started Web Application Testing(Learning the Ropes 101)- Introduction To give some background, for those of you who do not already know I work as a pentester and my specialism is web application pentesting/penetration testing(also referred to
bugbounty gif it time it'll come to you - Finding More Holes in The Hub Following suit of stored cross site scripting vulnerabilities this post will talk about another issue I found in Pornhub. Unfortunately someone found before me and as a result this bug
bugbounty Persisting on Pornhub This guy again? More Pornhub bounty things? Well yeah, sort of. Recently I found a stored cross-site scripting vulnerability in Pornhub core(i.e pornhub.com). Allowing any user to
bugbounty Learning the Ropes 101: Stay Beautiful, Stay Verbose Having recently just arrived back from DEFCON 24 Las Vegas, I've not had a chance to write up much in regards to blogging and for that I am sorry! Anyway
bugbounty CSV Injection -> Meterpreter on Pornhub This post will discuss an issue I found regarding CSV injection on Pornhub.com, allowing a remote attacker to inject malicious code into video titles resulting in potential full compromise
bugbounty CSV Injection Revisited - Making Things More Dangerous(and fun) In this post, I will discuss several methods and remediation steps that can be used to help escape and mitigate CSV (Comma separated values) injection type attacks. For those of
bugbounty Popping the Pornhub Cherry Currently at time of writing I'm ranked #1 finder of Bugs on https://hackerone.com/pornhub which is a nice position to hold. This post is to explain the techniques
![[Tools Release] GoogD0rker & AttackDeploy](https://images.unsplash.com/photo-1534137667199-675a46e143f3?ixlib=rb-0.3.5&q=80&fm=jpg&crop=entropy&cs=tinysrgb&w=1080&fit=max&ixid=eyJhcHBfaWQiOjExNzczfQ&s=980bded661089e1f9e1ba92ee18dbe7a)
