Join us

heart Updates and posts about Blogger..
 Activity
@mariya started using tool Blogger , 11 months, 1 week ago.
 Activity
@danielj46612790 started using tool Blogger , 1 year, 5 months ago.
 Activity
@ladychaos started using tool Blogger , 1 year, 8 months ago.
Story
@tutorialboy24 shared a post, 1 year, 11 months ago
tut

Spring Actuator - Stealing Secrets Using Spring Actuators - Part 1:

Spring is a set of frameworks for developing Applications in Java. It is widely used, and so it is not unusual to encounter it during a security audit or penetration test. One of its features that I recently encountered during a Whitebox audit is actuators. In this series of articles, I will use the..

Blue Sky Photocentric Youtube Channel Art.png
Story
@tutorialboy24 shared a post, 1 year, 11 months ago
tut

Turning cookie based XSS into account takeover

EpilogueI reported the exploitation scenario and was rewarded €500, as the impact was high. Be patient, don’t give up, and think out of the box. In this case, I used the company’s service to exploit the bug.Source :- https://tutorialboy24.blogspot.com/2022/09/turning-cookie-based-xss-into-account.ht..

xss.png
Story
@tutorialboy24 shared a post, 1 year, 11 months ago
tut

Exploiting Amazon Simple Notification Service Improper Validation of SigningCertUrl

IntroductionCountless applications rely on Amazon Web Services’ Simple Notification Service for application-to-application communication such as webhooks and callbacks. To verify the authenticity of these messages, these projects use certificate-based signature validation based on the SigningCertURL..

v (1).png
Story
@tutorialboy24 shared a post, 2 years ago
tut

A Detailed Talk about K8S Cluster Security from the Perspective of Attackers (Part 2)

IntroductionThe attacker's perspective on K8S cluster security (Part 1) summarizes the attack methods on K8S components, node external services, business pods, and container escape methods in the K8S cluster, corresponding to attack points. This article will continue to introduce attack points ..

k8s.png
 Activity
@sunpower999 started using tool Blogger , 2 years ago.
 Activity
@tutorialboy24 started using tool Blogger , 2 years ago.
 Activity
@coding_warepam started using Blogger , 2 years, 8 months ago.