Write-ups

Check The Published Writeups

| WDB | Title | Tags | Programs | Authors | Type | Publication | Added |
|---|---|---|---|---|---|---|---|
| 5148 | Samsung Galaxy Apps MiTM vulnerabilities | MiTM, Android | Samsung | Simone Margaritelli (@evilsocket) | Bug Bounty | 2016-08-17 | 2023-06-13 |
| 4992 | Stealing 0Auth Token (MITM) | OAuth | NA | Arbaz Hussain (@ArbazKiraak) | Bug Bounty | 2017-09-01 | 2023-06-13 |
| 4217 | Scary Bug in Burp Suite Upstream Proxy Allows Hackers to Hack Hackers | MiTM | PortSwigger | Armaan Pathan (@armaancrockroax) | Bug Bounty | 2019-04-06 | 2023-06-13 |
| 4040 | 500$ bounty: Man in the Middle on Slack | MiTM | Slack | Wiard van Rij / Sysrant (@RijWiard) | Bug Bounty | 2019-07-15 | 2023-06-13 |
| 3965 | Kaspersky in the Middle – what could possibly go wrong? | Clickjacking, Universal XSS, MiTM | Kaspersky | Wladimir Palant (@WPalant) | Bug Bounty | 2019-08-19 | 2023-06-13 |
| 3732 | Update: Want to take over the Java ecosystem? All you need is a MITM! | MiTM, Insecure communications | Github | Jonathan Leitschuh (@jlleitschuh) | Bug Bounty | 2020-01-08 | 2023-06-13 |
| 3721 | The trouble with Microsoft’s Troubleshooters | RCE, MiTM | Microsoft | Imre Rad (@ImreRad) | Bug Bounty | 2020-01-15 | 2023-06-13 |
| 2799 | SHAREit Flaw Could Lead to Remote Code Execution | Android, RCE, MiTM, Man-in-the-Disk attack, Insecure intent, Vulnerable Android content provider | SHAREit | Echo Duan | Bug Bounty | 2021-02-15 | 2023-06-13 |
| 2760 | Host MITM attack via IPv6 rogue router advertisements (K8S CVE-2020-10749 / Docker CVE-2020-13401 / LXD / WSL2 / ...) | MiTM | Kubernetes | Etienne Champetier / champtar | Bug Bounty | 2021-02-28 | 2023-06-13 |
| 2759 | Kubernetes man in the middle using LoadBalancer or ExternalIPs (CVE-2020-8554) | MiTM | Kubernetes | Etienne Champetier / champtar | Bug Bounty | 2021-02-28 | 2023-06-13 |
| 2743 | Content Injection (RCE) in Yandex Browser for Android [2018] | MiTM | Yandex | Nightwatch Cybersecurity (@nightwatchcyber) | Bug Bounty | 2021-03-03 | 2023-06-13 |
| 2517 | Metadata service MITM allows root privilege escalation (EKS / GKE) | Kubernetes, Privilege escalation, MiTM | Google | Etienne Champetier / champtar | Bug Bounty | 2021-05-30 | 2023-06-13 |
| 2414 | Unencrypted HTTP Links to Google Scholar in Search | MiTM | Google | David Schütz (@xdavidhu) | Bug Bounty | 2021-07-13 | 2023-06-13 |
| 2293 | Pwn2Own Vancouver 2021 :: Microsoft Exchange Server Remote Code Execution | RCE, MiTM | Microsoft | Steven Seeley (@steventseeley) | Bug Bounty | 2021-08-25 | 2023-06-13 |
| 2206 | Mama Always Told Me Not to Trust Strangers without Certificates | MiTM, RCE | Netgear | Adam (@AdamOfDc949) | Bug Bounty | 2021-09-21 | 2023-06-13 |
| 2153 | ESET Endpoint Security credentials theft | Credentials sent over unencrypted channel, MiTM | ESET | Mehdi Alouache | Bug Bounty | 2021-10-12 | 2023-06-13 |
| 1424 | CVE-2022-32208: FTP-KRB bad message verification | MiTM | Internet Bug Bounty (curl) | Harry Sintonen | Bug Bounty | 2022-06-27 | 2023-06-13 |
| 1301 | Vulnerability in Dahua’s ONVIF Implementation Threatens IP Camera Security | MiTM | Dahua | Nozomi Networks Labs (@nozominetworks) | Bug Bounty | 2022-07-28 | 2023-06-13 |
| 1249 | Rapid7 Discovered Vulnerabilities in Cisco ASA, ASDM, and FirePOWER Services Software | RCE, OS command injection, Local Privilege Escalation, MiTM | Cisco | Jake Baines (@Junior_Baines) | Bug Bounty | 2022-08-11 | 2023-06-13 |
| 1204 | Trust Me, I’m a Robot: Can We Trust RPA With Our Most Guarded Secrets? | Robotic Process Automation, Insecure deserialization, SQL injection, MiTM | Blue Prism | Nimrod Stoler (@n1mr0d5) | Bug Bounty | 2022-08-18 | 2023-06-13 |
| 1107 | Baxter SIGMA Spectrum Infusion Pumps: Multiple Vulnerabilities (FIXED) | Hardcoded credentials, Memory corruption, MiTM, Information disclosure | Baxter Healthcare | Deral Heiland (@Percent_X) | Bug Bounty | 2022-09-08 | 2023-06-13 |
| 1080 | Security Advisory: NETGEAR Routers FunJSQ Vulnerabilities | OS command injection, RCE, MiTM | Netgear | Quentin Kaiser (@QKaiser) | Bug Bounty | 2022-09-14 | 2023-06-13 |
| 1027 | Layer 2 network security bypass using VLAN 0, LLC/SNAP headers and invalid length | Layer 2 networking vulnerability, Ethernet, MiTM, DoS | Microsoft, Cisco | Etienne Champetier / champtar | Bug Bounty | 2022-09-27 | 2023-06-13 |
| 898 | RC4 Is Still Considered Harmful | Kerberos, MiTM, Local Privilege Escalation, Downgrade attack | Microsoft (Windows) | James Forshaw (@tiraniddo) | Bug Bounty | 2022-10-27 | 2023-06-13 |
| 466 | A tale of a full Business Takeover — Red Team Diaries | MITM, Credential stuffing, Password spraying | NA | Dhanesh Dodia - HeyDanny (@Dhanesh_Dodia) | Bug Bounty | 2023-02-11 | 2023-06-13 |