48 | The 30000$ Bounty Affair. | RCE, Missing authentication, Exposed Jenkins instance | NA | Gokulsspace (@GokTest) | Bug Bounty | 2023-05-28 | 2023-06-13 |
46 | Exploit an unexploitable XSS via an open redirect — A Real-Life Scenario from a Hacker’s Mindset | XSS, Open redirect | NA | Ziad Ali | Bug Bounty | 2023-05-29 | 2023-06-13 |
45 | Hunting For Password Reset Tokens By Spraying And Using HTTP Pipelining | Password reset, Account takeover | NA | Tom Neaves | Bug Bounty | 2023-05-30 | 2023-06-13 |
42 | Vulnerabilities In Apache Commons-Text 1.10.0 | Path traversal, XXE | Apache Commons Text | Chris (@mc_0wn) | Bug Bounty | 2023-05-30 | 2023-06-13 |
38 | Ghost Sites: Stealing Data From Deactivated Salesforce Communities | Salesforce, Security misconfiguration | NA | Nitay Bachrach | Bug Bounty | 2023-05-31 | 2023-06-13 |
37 | Anatomy of an IoT Exploit, from Hands-On to RCE | IoT, RCE, Buffer Overflow, Memory corruption | Wavlink | David Baker | Bug Bounty | 2023-06-01 | 2023-06-13 |
36 | CVE-2023-24941: Microsoft Network File System Remote Code Execution | RCE, NFS | Microsoft (Windows) | Quinton Crist | Bug Bounty | 2023-06-01 | 2023-06-13 |
35 | Bypassing An Industry-Leading WAF and Exploiting SQLi | SQL injection, WAF bypass | NA | Adeeb Shah | Bug Bounty | 2023-06-01 | 2023-06-13 |
33 | Prototype Pollution Akamai | Client-side prototype pollution, WAF bypass | NA | Sudhanshu Rajbhar (@sudhanshur705) | Bug Bounty | 2023-06-03 | 2023-06-13 |
32 | Rate Limit Bypass Leads to 0 Click ATO | Rate limiting bypass, Bruteforce, Password reset, Account takeover | NA | ZeroXUF (@ZeroXUF) | Bug Bounty | 2023-06-04 | 2023-06-13 |
31 | How a misconfigured Lotus Domino Server can lead to Disclosure of PII Data of Employees, Configuration Details about the Active Directory, etc | Lotus Domino, Security misconfiguration, Information disclosure | NA | Aayush Vishnoi (@AayushVishnoi10) | Bug Bounty | 2023-06-04 | 2023-06-13 |
30 | AWS Chain Attack- Thousands of Vulnerable EKS Clusters | AWS Kubernetes, EKS, Container escape, Security misconfiguration | NA | Chen Shiri (@ChenShiri73) | Bug Bounty | 2023-06-04 | 2023-06-13 |
27 | Bypassing CSP via DOM clobbering | DOM Clobbering, CSP bypass | NA | Gareth Heyes (@garethheyes) | Bug Bounty | 2023-06-05 | 2023-06-13 |
26 | Storing Passwords - A Journey Of Common Pitfalls | Pass-the-Hash, Authentication flaw, Security code review | STARFACE | RedTeam Pentesting (@RedTeamPT) | Bug Bounty | 2023-06-05 | 2023-06-13 |
23 | CVE-2022-32902: Patch One Issue and Introduce Two | TCC bypass, Local Privilege Escalation | Apple (macOS) | Mickey Jin (@patch1t) | Bug Bounty | 2023-06-06 | 2023-06-13 |
5 | How to prepare for PWK/OSCP, a noob-friendly guide | OSCP | Offensive Security | @abatchy | Certification Journey | 2017-03-04 | 2023-07-10 |
4 | Luke’s Ultimate OSCP Guide - Part 3 | OSCP | Offensive Security | @hakluke | Certification Journey | 2018-03-21 | 2023-07-10 |
3 | Luke’s Ultimate OSCP Guide - Part 2 | OSCP | Offensive Security | @hakluke | Certification Journey | 2018-02-16 | 2023-07-10 |
2 | Luke’s Ultimate OSCP Guide - Part 1 | OSCP | Offensive Security | @hakluke | Certification Journey | 2018-02-15 | 2023-07-10 |