en
Feedback
Ayrix Bytes

Ayrix Bytes

Open in Telegram
945
Subscribers
No data24 hours
-17 days
+530 days
Posts Archive
šŸ”¹ Full Team Takeover šŸ“† 2023-01-09 #ļøāƒ£ #Broken_Access_Control
šŸ”¹ Full Team Takeover šŸ“† 2023-01-09 #ļøāƒ£ #Broken_Access_Control

šŸ”¹ Practical Example Of Client Side Path Manipulation šŸ“† 2023-01-09 #ļøāƒ£ #Client_side_Path_Traversal
šŸ”¹ Practical Example Of Client Side Path Manipulation šŸ“† 2023-01-09 #ļøāƒ£ #Client_side_Path_Traversal

šŸ”¹ SSD Advisory – MacOS Mozilla Firefox Download Protections Were Bypassed By .atloc / .ftploc Files šŸ“† 2023-01-11 #ļøāƒ£ #Local
šŸ”¹ SSD Advisory – MacOS Mozilla Firefox Download Protections Were Bypassed By .atloc / .ftploc Files šŸ“† 2023-01-11 #ļøāƒ£ #Local_Privilege_Escalation

šŸ”¹ Client-Side SSRF to Google Cloud Project Takeover [Google VRP] šŸ“† 2023-01-12 #ļøāƒ£ #SSRF
šŸ”¹ Client-Side SSRF to Google Cloud Project Takeover [Google VRP] šŸ“† 2023-01-12 #ļøāƒ£ #SSRF

šŸ”¹ DER Entitlements: The (Brief) Return of the Psychic Paper šŸ“† 2023-01-12 #ļøāƒ£ #iOS
šŸ”¹ DER Entitlements: The (Brief) Return of the Psychic Paper šŸ“† 2023-01-12 #ļøāƒ£ #iOS

šŸ”¹ SSH key injection in Google Cloud Compute Engine [Google VRP] šŸ“† 2023-01-12 #ļøāƒ£ #OS_command_injection
šŸ”¹ SSH key injection in Google Cloud Compute Engine [Google VRP] šŸ“† 2023-01-12 #ļøāƒ£ #OS_command_injection

šŸ”¹ Bad things come in large packages: .pkg signature verification bypass on macOS šŸ“† 2023-01-13 #ļøāƒ£ #Local_Privilege_Escalati
šŸ”¹ Bad things come in large packages: .pkg signature verification bypass on macOS šŸ“† 2023-01-13 #ļøāƒ£ #Local_Privilege_Escalation

šŸ”¹ Bypassing authorization in Google Cloud Workstations [Google VRP] šŸ“† 2023-01-13 #ļøāƒ£ #Account_takeover
šŸ”¹ Bypassing authorization in Google Cloud Workstations [Google VRP] šŸ“† 2023-01-13 #ļøāƒ£ #Account_takeover

šŸ”¹ XSS using postMessage in Google Cloud Theia notebooks [Google VRP] šŸ“† 2023-01-15 #ļøāƒ£ #XSS
šŸ”¹ XSS using postMessage in Google Cloud Theia notebooks [Google VRP] šŸ“† 2023-01-15 #ļøāƒ£ #XSS

šŸ”¹ Critical Vulnerability through OSINT only šŸ“† 2023-01-15 #ļøāƒ£ #Information_disclosure
šŸ”¹ Critical Vulnerability through OSINT only šŸ“† 2023-01-15 #ļøāƒ£ #Information_disclosure

šŸ”¹ thisclosed_#2 - PostgreSQL Database Exfiltration through the abuse of PostgREST requests šŸ“† 2023-01-16 #ļøāƒ£ #SQL_injection
šŸ”¹ thisclosed_#2 - PostgreSQL Database Exfiltration through the abuse of PostgREST requests šŸ“† 2023-01-16 #ļøāƒ£ #SQL_injection

šŸ”¹ Full Account Take Over by very simple trick. šŸ“† 2023-01-16 #ļøāƒ£ #Account_takeover
šŸ”¹ Full Account Take Over by very simple trick. šŸ“† 2023-01-16 #ļøāƒ£ #Account_takeover

šŸ”¹ CVE-2022-21587 (Oracle E-Business Suite Unauthenticated RCE) šŸ“† 2023-01-16 #ļøāƒ£ #RCE
šŸ”¹ CVE-2022-21587 (Oracle E-Business Suite Unauthenticated RCE) šŸ“† 2023-01-16 #ļøāƒ£ #RCE

šŸ”¹ AWS CloudTrail vulnerability: Undocumented API allows CloudTrail bypass šŸ“† 2023-01-17 #ļøāƒ£ #Cloud
šŸ”¹ AWS CloudTrail vulnerability: Undocumented API allows CloudTrail bypass šŸ“† 2023-01-17 #ļøāƒ£ #Cloud

šŸ”¹ DOM-Based XSS for fun and profit $$$! | Bug Bounty POC šŸ“† 2023-01-17 #ļøāƒ£ #DOM_XSS
šŸ”¹ DOM-Based XSS for fun and profit $$$! | Bug Bounty POC šŸ“† 2023-01-17 #ļøāƒ£ #DOM_XSS

šŸ”¹ How Orca Found Server-Side Request Forgery (SSRF) Vulnerabilities in Four Different Azure Services šŸ“† 2023-01-17 #ļøāƒ£ #SSRF
šŸ”¹ How Orca Found Server-Side Request Forgery (SSRF) Vulnerabilities in Four Different Azure Services šŸ“† 2023-01-17 #ļøāƒ£ #SSRF

šŸ”¹ Centreon map vulnerability šŸ“† 2023-01-17 #ļøāƒ£ #Authentication_bypass
šŸ”¹ Centreon map vulnerability šŸ“† 2023-01-17 #ļøāƒ£ #Authentication_bypass

šŸ”¹ XML Security in Java šŸ“† 2023-01-17 #ļøāƒ£ #XXE
šŸ”¹ XML Security in Java šŸ“† 2023-01-17 #ļøāƒ£ #XXE

šŸ”¹ How I identified and reported vulnerabilities in Oracle and the rewards of responsible disclosure:From Backup Leak to Hall
šŸ”¹ How I identified and reported vulnerabilities in Oracle and the rewards of responsible disclosure:From Backup Leak to Hall of Fame šŸ“† 2023-01-18 #ļøāƒ£ #Information_disclosure

šŸ”¹ API Misconfiguration - No Swag of SwaggerUI šŸ“† 2023-01-19 #ļøāƒ£ #Security_misconfiguration
šŸ”¹ API Misconfiguration - No Swag of SwaggerUI šŸ“† 2023-01-19 #ļøāƒ£ #Security_misconfiguration