Motasem HamdanCraft CMS Exploitation | HackTheBox Surveillance WalkthroughWe covered the walkthrough of HackTheBox Surveillance where we demonstrated the exploitation of the recent vulnerability CVE-2023–41892…6 min read·20 hours ago--
Theori Vulnerability ResearchinTheori BLOGChaining N-days to Compromise All: Part 1 — Chrome Renderer RCEThis blog post is first of the series about the vulnerabilities used in our 1-day full chain exploit we demonstrated on X. In this blog…12 min read·Mar 18, 2024--
Harsha KoushikAbusing a Distroless ContainerShell commands on shell-less containers4 min read·Jan 23, 2024--1--1
Swetha Adhirai NatarajanHelpful Hearts or Using Arts: The Fine Line Between Seeking Support and ExploitationLost in the Wrong World: A Poignant Reflection of Displacement and Longing3 min read·4 days ago--2--2
pedbapTelegram Web app XSS/Session Hijacking 1-clickThis is the technical write up of a severe vulnerability I reported to Telegram’s Bug Bounty program on March 9th, 2024. Telegram fixed…2 min read·Apr 28, 2024----
Motasem HamdanCraft CMS Exploitation | HackTheBox Surveillance WalkthroughWe covered the walkthrough of HackTheBox Surveillance where we demonstrated the exploitation of the recent vulnerability CVE-2023–41892…6 min read·20 hours ago--
Theori Vulnerability ResearchinTheori BLOGChaining N-days to Compromise All: Part 1 — Chrome Renderer RCEThis blog post is first of the series about the vulnerabilities used in our 1-day full chain exploit we demonstrated on X. In this blog…12 min read·Mar 18, 2024--
Harsha KoushikAbusing a Distroless ContainerShell commands on shell-less containers4 min read·Jan 23, 2024--1
Swetha Adhirai NatarajanHelpful Hearts or Using Arts: The Fine Line Between Seeking Support and ExploitationLost in the Wrong World: A Poignant Reflection of Displacement and Longing3 min read·4 days ago--2
pedbapTelegram Web app XSS/Session Hijacking 1-clickThis is the technical write up of a severe vulnerability I reported to Telegram’s Bug Bounty program on March 9th, 2024. Telegram fixed…2 min read·Apr 28, 2024--
STarXDuplicati: Bypassing Login Authentication With Server-passphraseINTRO :6 min read·Apr 26, 2024--
Mayank Kumar PrajapatiExploiting wp-cron.php to peform DoS attackWhat is wp-cron.php3 min read·Oct 29, 2023--
0xRaveHow a Simple Typo in Telegram’s Code Unleashed Remote Code ExecutionDisclaimer: This content is for educational purposes only. Do not attempt any exploits or vulnerabilities without proper authorization…3 min read·Apr 25, 2024--