As many of you already know, I recently migrated BBRE Premium to a new platform that runs on WordPress. The way problems are solved there is by installing more plugins. And then even more. And I am very interested in their security. One day, I just took a quick look...
#29
Java’s fantastic URL class
Do you think these URLs are equal to each other? I would also say they are not, but Java has a different opinion on it. Turns out that for Java’s URL class, two URLs are equal if their hosts resolve to the same IP address. This just sounds so bad. As per replies under...
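To make the behaviour concrete, here is an added example (not code from the original post) that puts java.net.URL and java.net.URI side by side. It assumes that "localhost" resolves to 127.0.0.1 on the machine it runs on, which is true with a typical hosts file; everything else is standard library behaviour.

```java
import java.net.MalformedURLException;
import java.net.URI;
import java.net.URL;
import java.util.HashSet;
import java.util.Set;

public class UrlEqualityDemo {

    // java.net.URL.equals() compares scheme, port, path, query and fragment as
    // strings, but compares the HOSTS by resolving each one with
    // InetAddress.getByName() and comparing the resulting addresses. If either
    // lookup fails it falls back to a case-insensitive string comparison of the
    // host names. hashCode() does the same lookup.
    static boolean urlEquals(String a, String b) throws MalformedURLException {
        // URI.create(...).toURL() avoids the deprecated URL(String) constructor.
        return URI.create(a).toURL().equals(URI.create(b).toURL());
    }

    // java.net.URI.equals() is a pure component-by-component string comparison;
    // it never touches the network.
    static boolean uriEquals(String a, String b) {
        return URI.create(a).equals(URI.create(b));
    }

    // A denylist kept as Set<URL> inherits the DNS-based equality: membership
    // depends on what the attacker-controlled host resolves to at the moment of
    // the check, and every contains() call triggers a DNS lookup.
    static boolean urlSetContains(String blocked, String candidate) throws MalformedURLException {
        Set<URL> denylist = new HashSet<>();
        denylist.add(URI.create(blocked).toURL());
        return denylist.contains(URI.create(candidate).toURL());
    }

    public static void main(String[] args) throws Exception {
        // Two spellings of the same loopback host (assumption: "localhost" -> 127.0.0.1).
        String a = "http://localhost/admin";
        String b = "http://127.0.0.1/admin";

        System.out.println("URL.equals(localhost, 127.0.0.1) : " + urlEquals(a, b));
        System.out.println("URI.equals(localhost, 127.0.0.1) : " + uriEquals(a, b));
        System.out.println("Set<URL> blocked 127.0.0.1, asked about localhost : " + urlSetContains(b, a));
    }
}
```

On a machine where "localhost" resolves to 127.0.0.1, the URL comparisons report true and the URI comparison reports false. The practical takeaway is to compare URLs with java.net.URI (or your own normalisation) and never let an attacker-supplied URL reach URL.equals() or URL.hashCode(): besides the surprising equality, each call is a blocking DNS lookup that the attacker can observe and slow down.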
Finding Swagger UI XSS at scale
Dawid Moczadło wrote a blogpost about finding an XSS in Swagger UI. Swagger is a very popular way of presenting API docs. Finding the bug once allowed him to then hunt for it at scale and collect many bounties for it....
Trailing dot domain bypasses
Last week, I published a video on YouTube about my $1,500 bug in Stripe. It was a domain denylist bypass in a tool that is supposed to prevent SSRFs. https://youtu.be/Ga9o--v-grA The trick I used there was a trailing dot - I shared it in BBRE Premium before: 10...
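As an added illustration of the trailing-dot trick (example code written for this page, not the tool from the Stripe report or the author's own code): a denylist that compares the raw host string misses "metadata.google.internal." because the trailing dot names the DNS root label, so DNS resolves it to exactly the same address while the string no longer matches. The denylist entries below are assumptions chosen for illustration.

```java
import java.net.URI;
import java.util.Locale;
import java.util.Set;

public class TrailingDotDenylist {

    // Assumed denylist of SSRF-sensitive hosts (constructed for this example).
    static final Set<String> DENYLIST = Set.of(
            "metadata.google.internal",
            "169.254.169.254",
            "localhost");

    // Naive check: looks up the host string exactly as the URL spells it.
    // "metadata.google.internal." is not in the set, so the request goes through.
    static boolean naiveBlocked(String url) {
        String host = URI.create(url).getHost();
        return host != null && DENYLIST.contains(host.toLowerCase(Locale.ROOT));
    }

    // Canonical form for lookup: lowercase and strip the trailing root-label
    // dot(s). Both "metadata.google.internal" and "metadata.google.internal."
    // resolve to the same name, so they must hit the same denylist entry.
    static String normaliseHost(String host) {
        String h = host.toLowerCase(Locale.ROOT);
        while (h.endsWith(".")) {
            h = h.substring(0, h.length() - 1);
        }
        return h;
    }

    static boolean normalisedBlocked(String url) {
        String host = URI.create(url).getHost();
        // A URL with no parsable host is rejected rather than allowed through.
        return host == null || DENYLIST.contains(normaliseHost(host));
    }

    public static void main(String[] args) {
        String[] probes = {
                "http://metadata.google.internal/computeMetadata/v1/",
                "http://metadata.google.internal./computeMetadata/v1/",   // trailing dot
                "http://LOCALHOST./admin",                                 // case + trailing dot
                "http://example.org/",
        };
        for (String p : probes) {
            System.out.printf("%-55s naive=%-5s normalised=%s%n",
                    p, naiveBlocked(p), normalisedBlocked(p));
        }
    }
}
```

The normalised check closes the trailing-dot gap, but string denylists stay fragile (alternate IP encodings, DNS rebinding, redirects). The durable fix for an SSRF guard is to resolve the host yourself, check the resulting addresses against the blocked ranges, and connect to the address you checked.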
Deserialisation explained
Deserialisation was one of the bug classes that I didn’t understand for a long time, yet I thought of it as a very good, advanced technique. You know, it has a cool name and usually results in RCE. One of you suggested this topic to me on our Discord, so here it is! Let’s...
Pentest mindset vs bug bounty mindset – my thoughts so far
I got interested in bug bounty a long time ago, shortly after I discovered the web security industry. Since then, I have known that I wanted to do it. I am not ashamed to admit that, at first, the main motivator was money. Especially since I live in Poland, where earnings...
Finding bugs that others miss
I miss bugs. You miss bugs. Everyone misses bugs. Most often, we just don’t know it. But why do we miss bugs? This is the question that James Kettle is trying to answer in his talk called Hunting Evasive Vulnerabilities: Finding Flaws That Others Miss. Here are...