Ayrix Bytes

945 subscribers
Post archive
🔹 Full Team Takeover 📆 2023-01-09 #️⃣ #Broken_Access_Control

🔹 Practical Example Of Client Side Path Manipulation 📆 2023-01-09 #️⃣ #Client_side_Path_Traversal

🔹 SSD Advisory – MacOS Mozilla Firefox Download Protections Were Bypassed By .atloc / .ftploc Files 📆 2023-01-11 #️⃣ #Local_Privilege_Escalation

🔹 Client-Side SSRF to Google Cloud Project Takeover [Google VRP] 📆 2023-01-12 #️⃣ #SSRF

🔹 DER Entitlements: The (Brief) Return of the Psychic Paper 📆 2023-01-12 #️⃣ #iOS

🔹 SSH key injection in Google Cloud Compute Engine [Google VRP] 📆 2023-01-12 #️⃣ #OS_command_injection

🔹 Bad things come in large packages: .pkg signature verification bypass on macOS 📆 2023-01-13 #️⃣ #Local_Privilege_Escalation

🔹 Bypassing authorization in Google Cloud Workstations [Google VRP] 📆 2023-01-13 #️⃣ #Account_takeover

🔹 XSS using postMessage in Google Cloud Theia notebooks [Google VRP] 📆 2023-01-15 #️⃣ #XSS

🔹 Critical Vulnerability through OSINT only 📆 2023-01-15 #️⃣ #Information_disclosure

🔹 thisclosed_#2 - PostgreSQL Database Exfiltration through the abuse of PostgREST requests 📆 2023-01-16 #️⃣ #SQL_injection

🔹 Full Account Take Over by very simple trick. 📆 2023-01-16 #️⃣ #Account_takeover

🔹 CVE-2022-21587 (Oracle E-Business Suite Unauthenticated RCE) 📆 2023-01-16 #️⃣ #RCE

🔹 AWS CloudTrail vulnerability: Undocumented API allows CloudTrail bypass 📆 2023-01-17 #️⃣ #Cloud

🔹 DOM-Based XSS for fun and profit $$$! | Bug Bounty POC 📆 2023-01-17 #️⃣ #DOM_XSS

🔹 How Orca Found Server-Side Request Forgery (SSRF) Vulnerabilities in Four Different Azure Services 📆 2023-01-17 #️⃣ #SSRF

🔹 Centreon map vulnerability 📆 2023-01-17 #️⃣ #Authentication_bypass

🔹 XML Security in Java 📆 2023-01-17 #️⃣ #XXE

🔹 How I identified and reported vulnerabilities in Oracle and the rewards of responsible disclosure:From Backup Leak to Hall of Fame 📆 2023-01-18 #️⃣ #Information_disclosure

🔹 API Misconfiguration - No Swag of SwaggerUI 📆 2023-01-19 #️⃣ #Security_misconfiguration