BBRE Premium
  • Case Studies
  • Archive by issues
  • Courses
  • Archive by category
  • Account
Select Page

OAuth #1 – How does it even work?

#74, OAuth

You are unauthorized to view this page.

How NOT to Train Your Hack Bot: Dos and Don’ts of Building Offensive GPTs

#73, AI

You are unauthorized to view this page.

ALB auth bypass by using untrusted JWT token

#73, Server-side hacking techniques

You are unauthorized to view this page.

Request smuggling case study – what more to do other than running existing tools?

#72, Case Studies

You are unauthorized to view this page.

Breaking HTTP parsers using HTTP garden

#71, Server-side hacking techniques

You are unauthorized to view this page.
« Older Entries
Next Entries »

categories

  • AI
  • Articles by Issue
  • Bug Bounty
  • Burp
  • Case Studies
  • Challenges
  • Cheat sheets
  • Client-side hacking techniques
  • Cloud
  • Hacking Techniques
  • Labs
  • Mobile
  • Non-technical
  • Recon
  • Server-side hacking techniques
  • Source code
  • Tools
  • Web3
  • Writeups

tags

.net (3) 2fa (1) account-takeover (23) api (2) aws (5) cache-poisoning (9) cicd (2) cloud (2) codeql (8) cors (3) crypto (2) csrf (8) ctf (6) cve (3) debugging (4) dependency-confusion (1) deserialisation (2) dns (2) free (379) ghactions (4) graphql (7) idor (2) java (8) js (21) json (2) learning (2) mongodb (1) nuclei (1) path-traversal (4) postmessage (2) premium (162) proto-pollution (6) python (4) qa (1) rails (2) rce (18) regex (3) request-smuggling (8) rpc (1) ruby (5) salesforce (2) secrets (5) semgrep (3) session (1) sqli (6) ssrf (21) ssti (1) talks (6) terminal (4) unicode (2) urls (5) vscode (2) waf (4) web3 (7) websockets (3) wordpress (4) xml (3) xss (39)

Categories

  • Facebook
  • X
© Bug Bounty Reports Explained Grzegorz Niedziela 2022. Company registration number: PL6751745962