BBRE Premium
  • Case Studies
  • Archive by issues
  • Courses
  • Archive by category
  • Account
Select Page

Class Pollution in Ruby: A Deep Dive into Exploiting Recursive Merges

#82, Server-side hacking techniques

You are unauthorized to view this page.

Ruby send leads to disclosing 1220 GitHub env variables

#75, Server-side hacking techniques

You are unauthorized to view this page.

A single codesearch worth thousands of bugs

#38, Hacking Techniques

You are unauthorized to view this page.

Examples of dangerous code in Java, .NET, PHP and Ruby

#7, Cheat sheets

You are unauthorized to view this page.

Finding a Ruby deserialization gadget

#26, Writeups

You are unauthorized to view this page.

categories

  • AI
  • Articles by Issue
  • Bug Bounty
  • Burp
  • Case Studies
  • Challenges
  • Cheat sheets
  • Client-side hacking techniques
  • Cloud
  • Hacking Techniques
  • Labs
  • Mobile
  • Non-technical
  • Recon
  • Server-side hacking techniques
  • Source code
  • Tools
  • Web3
  • Writeups

tags

.net (3) 2fa (1) account-takeover (23) api (2) aws (5) cache-poisoning (9) cicd (2) cloud (2) codeql (8) cors (3) crypto (2) csrf (8) ctf (6) cve (3) debugging (4) dependency-confusion (1) deserialisation (2) dns (2) free (379) ghactions (4) graphql (6) idor (2) java (8) js (21) json (2) learning (2) mongodb (1) nuclei (1) path-traversal (4) postmessage (2) premium (160) proto-pollution (6) python (4) qa (1) rails (2) rce (18) regex (3) request-smuggling (8) rpc (1) ruby (5) salesforce (2) secrets (5) semgrep (3) session (1) sqli (6) ssrf (21) ssti (1) talks (6) terminal (4) unicode (2) urls (5) vscode (2) waf (4) web3 (7) websockets (3) wordpress (4) xml (3) xss (39)

Categories

  • Facebook
  • X
© Bug Bounty Reports Explained Grzegorz Niedziela 2022. Company registration number: PL6751745962