💥Payloads Arsenal for Penetration Testers and Bug Bounty Hunters is a collection of payloads from various popular and well-known sources
💥Vulnerabilities in some blockchain projects and their exploits
💥QuillAudits Smart Contracts, DeFi, NFT, tokens, DAO, DEX and DApps Audit Reports
💥SCV-List (This list highlights the accomplishments and disclosed vulnerabilities of the top white hat security experts in DeFi)
💥Smart Contract Vulnerability Detection Using Graph Neural Networks (IJCAI-20 Accepted)
💥DeFiVulnLabs (learn common smart contract vulnerabilities using Foundry)
💥ContractFuzzer (The Ethereum Smart Contract Fuzzer for Security Vulnerability Detection)
💥Find semgrep rules that look for patterns of vulnerabilities in smart contracts based on actual DeFi exploits
💥Collection of resources to study Solana smart contract security, auditing, and exploits
#exploitation #fuzzing #security #DeFi #vulnerability
💥CVE-2022-38374 (XSS in Fortinet FortiADC 7.0.0 - 7.0.2 and 6.2.0 - 6.2.4) PoC exploit.
It allows an attacker to execute unauthorized code or commands via the URL and User fields observed in the traffic and event logviews.
🔥🔥🔥[Kafka Connect] [JdbcSinkConnector][HttpSinkConnector] RCE by leveraging file upload via SQLite JDBC driver and SSRF to internal Jolokia
🔥🔥🔥PoCs
The Aiven JDBC sink includes the SQLite JDBC Driver. This JDBC driver can be used to upload SQLite database files onto the server. The HTTP sink connector allows sending HTTP requests to localhost. There is an unprotected Jolokia listening on localhost:6725. JMX exports the com.sun.management:type=DiagnosticCommand MBean, which contains the jvmtiAgentLoad operation. This operation can be used to execute the SQLite database as a JVM Agent by embedding the JVM Agent JAR file inside the SQLite database as a BLOB field in a table.
📕Hacking Aiven managed services for fun and profit