Write-ups

Check The Published Writeups

Reset
WDBTitleTagsProgramsAuthorsTypePublicationAdded
445Abusing Azure App Service Managed Identity Assignments Cloud Microsoft (Azure) Andy Robbins (@_wald0) Bug Bounty2023-02-152023-06-13
433Disabling ClamAV as an Unprivileged User Local Privilege Escalation ClamAV Arch Cloud Labs (@DLL_Cool_J) Bug Bounty2023-02-192023-06-13
419Taking over “Google Cloud Shell” by utilizing capabilities and Kubelet Container escape RCE Kubernetes NA Chen Shiri (@ChenShiri73) Bug Bounty2023-02-212023-06-13
371Gitpod remote code execution 0-day vulnerability via WebSockets RCE Websockets Cross-Site WebSocket Hijacking (CSWH) Cloud Samesite cookie bypass Account takeover Gitpod Elliot Ward Bug Bounty2023-03-012023-06-13
356Bypass TCC via iCloud TCC bypass Local Privilege Escalation Apple (macOS) Wojciech Reguła (@_r3ggi) Bug Bounty2023-03-042023-06-13
350500$ Bounty in just 5 minutes through Recon!!!! AWS misconfiguration Cloud storage misconfiguration NA Himanshu Pdy (@himanshu_pdy) Bug Bounty2023-03-052023-06-13
308Microsoft Defender for Cloud Management Port Exposure Confusion Cloud Security misconfiguration Microsoft Aaron Sawitsky Bug Bounty2023-03-142023-06-13
278Bypassing CloudTrail in AWS Service Catalog, and Other Logging Research Cloud CloudTrail bypass AWS Nick Frichette (@frichette_n) Bug Bounty2023-03-202023-06-13
270Escalating Privileges with Azure Function Apps Privilege escalation Cloud Container escape RCE Microsoft (Azure) Karl Fosaaen (@kfosaaen) Bug Bounty2023-03-232023-06-13
267Hacking AI: System and Cloud Takeover via MLflow Exploit LFI RFI RCE MLflow Dan McInerney (@DanHMcInerney) Bug Bounty2023-03-252023-06-13
263Using an Undocumented Amplify API to Leak AWS Account IDs Cloud Information disclosure AWS Nick Frichette (@frichette_n) Bug Bounty2023-03-272023-06-13
256I’d TAP That Pass Azure AD Cloud OAuth NA Daniel Heinsen (@hotnops) Bug Bounty2023-03-292023-06-13
255BingBang: The AAD misconfiguration that led to Bing.com results manipulation and account takeover explained Account takeover Azure AD Cloud XSS Privilege escalation Microsoft (Bing) Hillai Ben-Sasson (@hillai) Bug Bounty2023-03-292023-06-13
251Riding the Azure Service Bus (Relay) into Power Platform RCE Cross-tenant vulnerability Cloud Insecure deserialization Microsoft (Azure) Nick Landers (@monoxgas) Bug Bounty2023-03-302023-06-13
248Super FabriXss: From XSS to an RCE in Azure Service Fabric Explorer by Abusing an Event Tab Cluster Toggle (CVE-2023-23383) RCE XSS Cloud Microsoft (Azure) Lidor Ben Shitrit Bug Bounty2023-03-302023-06-13
236Two Minor Cross-Tenant Vulnerabilities in AWS App Runner Cross-tenant vulnerability Cloud AWS Nick Frichette (@frichette_n) Bug Bounty2023-04-032023-06-13
210From listKeys to Glory: How We Achieved a Subscription Privilege Escalation and RCE by Abusing Azure Storage Account Keys Cloud Privilege escalation Microsoft (Azure) Roi Nisimi (@) Bug Bounty2023-04-112023-06-13
182#BrokenSesame: Accidental write’ permissions to private registry allowed potential RCE to Alibaba Cloud Database Services Cloud RCE Container escape Kubernetes Privilege escalation Lateral movement Supply chain attack Cross-tenant vulnerability Alibaba Ronen Shustin (@ronenshh) Bug Bounty2023-04-192023-06-13
177How I hacked hackers in Voorivex Hunt Event Cloudflare bypass WAF bypass Account takeover NA snoopy (@snoopy101101) Bug Bounty2023-04-192023-06-13
176CVE-2022-29844: A Classic Buffer Overflow On The Western Digital My Cloud Pro Series PR4100 Buffer Overflow Memory corruption RCE Western Digital Luca Moro (@johncool__) Bug Bounty2023-04-202023-06-13
171GhostToken – Exploiting GCP application infrastructure to create invisible, unremovable trojan app on Google accounts Cloud OAuth Authorization bypass Google (GCP) Astrix Security (@AstrixSecurity) Bug Bounty2023-04-202023-06-13
136AWS Identity Center (formerly known as AWS SSO): A Guide to Privilege Escalation and Identity and Access Management Privilege escalation Cloud AWS Jason Kao Bug Bounty2023-05-012023-06-13
132Securing Databricks cluster init scripts Privilege escalation Cloud Databricks Elia Florio Bug Bounty2023-05-022023-06-13
131Exploiting misconfigured Google Cloud Service Accounts from GitHub Actions OpenID Connect Cloud CI/CD NA Revblock (@revbl0ck) Bug Bounty2023-05-022023-06-13
130When you%27re so bored, you start debugging someone else%27s code: bug hunting in a random Cloud-Native project SSTI RCE Foreman ONSEC.io Research Team Bug Bounty2023-05-032023-06-13