Remember
Register
Techbypass Let's Bypass
Techbypass always tries to help you to learn about recent vulnerabilities and exploitations.
Learn and share your security findings and help others to secure their digital assets.
Questions
Unanswered
Tags
Users
Ask a Question
Need any help mail to
[email protected]
Activate
Top 10 web hacking techniques of 2019
0
votes
All Nominations:
Cached and Confused: Web Cache Deception in the Wild
Facebook Messenger server random memory exposure through corrupted GIF
Exploring Continuous Integration Services as a Bug Bounty Hunter
Cross-Site Leaks
HTTP Desync Attacks: Request Smuggling Reborn
Let's Make Windows Defender Angry: Antivirus can be an oracle!
At Home Among Strangers
Exploiting padding oracles with fixed IVs
XSS in GMail's AMP4Email via DOM Clobbering
Abusing HTTP hop-by-hop request headers
Unveiling vulnerabilities in WebSocket APIs
CPDoS: Cache Poisoned Denial of Service
Security analysis of portal element
Owning The Clout Through Server Side Request Forgery
Microsoft Edge (Chromium) - Elevation of Privilege to Potential RCE
Abusing autoresponders and email bounces
Infiltrating Corporate Intranet Like NSA: Pre-Auth RCE On Leading SSL VPNs
ESI Injection Part 2: Abusing specific implementations
A Tale of Exploitation in Spreadsheet File Conversions
Reusing Cookies
SSRF Protocol Smuggling in Plaintext Credential Handlers : LDAP
Exploiting prototype pollution - RCE in Kibana
Exploiting SSRF in AWS Elastic Beanstalk
Don't open that XML: XXE to RCE in XML plugins for VS Code, Eclipse, Theia, ...
Finding and Exploiting .NET Remoting over HTTP using Deserialisation
Getting Shell with XAMLX Files
Common Security Issues in Financially-Oriented Web Applications
IIS Application vs. Folder Detection During Blackbox Testing
Exploiting Deserialisation in ASP.NET via ViewState
The Cookie Monster in Your Browsers
DOMPurify 2.0.0 bypass using mutation XSS
XSS-Auditor — the protector of unprotected and the deceiver of protected
Get pwned by scanning QR Code
Remote Code Execution via Insecure Deserialization in Telerik UI
Far Side of Java Remote Protocols
Exploiting Null Byte Buffer Overflow for a $40,000 bounty
The world of Site Isolation and compromised renderer
Hacking Jenkins Part 2 - Abusing Meta Programming for Unauthenticated RCE!
All is XSS that comes to the .NET
SSO Wars: The Token Menace
HostSplit: Exploitable Antipatterns in Unicode Normalization
Google Search XSS
Backchannel Leaks on Strict Content-Security Policy
Uploading web.config for Fun and Profit 2
Exploiting Spring Boot Actuators
Exploiting JNDI Injections in Java
Apache Solr Injection Research
PHP-FPM RCE(CVE-2019-11043)
Bypassing SOP Using the Browser Cache
Reverse proxies & Inconsistency
x-up-devcap-post-charset Header in ASP.NET to Bypass WAFs Again
method
asked
Feb 16, 2020
by
exploitNeed
(
109
points)
Please
log in
or
register
to answer this question.
0
Answers
...