BBRE Premium
  • Case Studies
  • Archive by issues
  • Courses
  • Archive by category
  • Account
Select Page

Finding Vulnerabilities with MRVA CodeQL

#62, Source code

You are unauthorized to view this page.

How to write a new CodeQL query and maximise payout? RCE via ZipSlip query

#51, Source code

You are unauthorized to view this page.

From finding the target, the bug, through getting the CVE, up to my first CodeQL bounty

#48, Source code

You are unauthorized to view this page.

CodeQL learning path

#38, Source code

You are unauthorized to view this page.

CodeQL and bugs in NSA’s application

#10, Source code

You are unauthorized to view this page.
« Older Entries

categories

  • AI
  • Articles by Issue
  • Bug Bounty
  • Burp
  • Case Studies
  • Challenges
  • Cheat sheets
  • Client-side hacking techniques
  • Cloud
  • Hacking Techniques
  • Labs
  • Mobile
  • Non-technical
  • Recon
  • Server-side hacking techniques
  • Source code
  • Tools
  • Web3
  • Writeups

tags

.net (3) 2fa (1) account-takeover (23) api (2) aws (5) cache-poisoning (9) cicd (2) cloud (2) codeql (8) cors (3) crypto (2) csrf (8) ctf (6) cve (3) debugging (4) dependency-confusion (1) deserialisation (2) dns (2) free (379) ghactions (4) graphql (6) idor (2) java (8) js (21) json (2) learning (2) mongodb (1) nuclei (1) path-traversal (4) postmessage (2) premium (160) proto-pollution (6) python (4) qa (1) rails (2) rce (18) regex (3) request-smuggling (8) rpc (1) ruby (5) salesforce (2) secrets (5) semgrep (3) session (1) sqli (6) ssrf (21) ssti (1) talks (6) terminal (4) unicode (2) urls (5) vscode (2) waf (4) web3 (7) websockets (3) wordpress (4) xml (3) xss (39)

Categories

  • Facebook
  • X
© Bug Bounty Reports Explained Grzegorz Niedziela 2022. Company registration number: PL6751745962