| 1. | | Abusing Enclosed Alphanumerics for SSRF |
| 1 point by cujanovic on Nov 23, 2017 | past |
|
| 2. | | SSRF (Server Side Request Forgery) Testing Resources (cujanovic.com) |
| 1 point by cujanovic on Sept 13, 2017 | past |
|
| 3. | | Open Redirect Payloads (github.com/cujanovic) |
| 1 point by cujanovic on July 6, 2017 | past |
|
| 4. | | SSRF Testing resources – tools and links to help you test for SSRF in web apps (github.com/cujanovic) |
| 1 point by cujanovic on June 5, 2017 | past |
|
| 5. | | How I Hacked My Smart TV from My Bed via a Command Injection (netsparker.com) |
| 2 points by cujanovic on April 7, 2017 | past |
|
| 6. | | CVE-2016-8610 (SSL Death Alert) PoC (github.com/cujanovic) |
| 1 point by cujanovic on Dec 27, 2016 | past |
|
| 7. | | The State of Wordpress Security (ripstech.com) |
| 6 points by cujanovic on Dec 15, 2016 | past | 1 comment |
|
| 8. | | Backslash Powered Scanning: Hunting Unknown Vulnerability Classes (portswigger.net) |
| 4 points by cujanovic on Nov 7, 2016 | past |
|
| 9. | | Linux containers in 500 lines of code (lizzie.io) |
| 2 points by cujanovic on Nov 2, 2016 | past |
|
| 10. | | CSRF protection bypass on any Django powered site via Google Analytics (hackerone.com) |
| 2 points by cujanovic on Sept 27, 2016 | past |
|
| 11. | | [dupe] How I gained access to TMobile’s national network for free (medium.com/jacobajit) |
| 62 points by cujanovic on Sept 19, 2016 | past | 10 comments |
|
| 12. | | Nginx resolver vulnerabilities allow cache poisoning attack (zorinaq.com) |
| 1 point by cujanovic on Aug 30, 2016 | past |
|
| 13. | | How I Could Have Hacked Multiple Facebook Accounts (medium.com/gurkiratsingh) |
| 5 points by cujanovic on Aug 26, 2016 | past |
|
| 14. | | Vulnerability in the Linux kernel's tcp stack implementation (akamai.com) |
| 3 points by cujanovic on Aug 11, 2016 | past |
|
| 15. | | The Imperva HTTP/2 Vulnerability Report and NGINX (nginx.com) |
| 2 points by cujanovic on Aug 8, 2016 | past | 1 comment |
|
| 16. | | How to steal any developer's local database (bouk.co) |
| 2 points by cujanovic on Aug 4, 2016 | past |
|
| 17. | | HTTP/2: Faster and better than HTTP 1.1, but is it more secure? [pdf] (imperva.com) |
| 6 points by cujanovic on Aug 3, 2016 | past |
|
| 18. | | Mr Robot S02E01 easter egg (0x41.no) |
| 6 points by cujanovic on July 14, 2016 | past |
|
| 19. | | Firefox – Same-Origin Policy Bypass (CVE-2015-7188) (bentkowski.info) |
| 32 points by cujanovic on July 6, 2016 | past | 5 comments |
|
| 20. | | Debian Exim Spool Local Root (halfdog.net) |
| 1 point by cujanovic on June 30, 2016 | past |
|
| 21. | | Auditing CSP Headers with Burp and ZAP (gosecure.ca) |
| 1 point by cujanovic on June 29, 2016 | past |
|
| 22. | | XSS and WordPress – The Aftermath (g0blin.co.uk) |
| 2 points by cujanovic on June 28, 2016 | past |
|
| 23. | | Nginx: Supporting HTTP/2 for Google Chrome Users (nginx.com) |
| 5 points by cujanovic on June 8, 2016 | past |
|
| 24. | | Integer Overflow in php_html_entities() (php.net) |
| 2 points by cujanovic on May 27, 2016 | past |
|
| 25. | | Mr. Robot Blind SQL Injection Vulnerability (corenumb.wordpress.com) |
| 101 points by cujanovic on May 16, 2016 | past | 35 comments |
|
| 26. | | Jenkins Security Advisory 2016-05-11 (jenkins-ci.org) |
| 1 point by cujanovic on May 12, 2016 | past |
|
| 27. | | WordPress 4.5.1 XSS (midzer0.github.io) |
| 4 points by cujanovic on May 11, 2016 | past | 1 comment |
|
| 28. | | Hogwatch – a bandwidth monitor that shows per process network transfer (github.com/akshaykmr) |
| 195 points by cujanovic on April 30, 2016 | past | 52 comments |
|
| 29. | | Binary Webshell Through OPcache in PHP 7 (gosecure.ca) |
| 2 points by cujanovic on April 27, 2016 | past |
|
| 30. | | How I hacked my local ISP (harshillodhi.co.in) |
| 3 points by cujanovic on April 19, 2016 | past |
|
|
| More |
