0day work (@0daywork)'s Twitter Profile

A security blog by @gehaxelt

ID: 4098350038

Link: http://0day.work
Date: 02-11-2015 16:02:57

104 Tweets

1.1K Followers

9 Following

d3mondev (@d3mondev):

This is my new favorite wordlist for subdomain enumeration by Internetwache.org! It's updated hourly and sorted by number of occurrences. You can clean it up easily with sed to use with gobuster (or whatever floats your boat). 1/2 #bugbounty #hacking #osint github.com/internetwache/…

0day work (@0daywork):

New blogpost: Proof of Concept for "Apache Httpd Limited cross-site scripting in mod_proxy error page (CVE-2019-10092)" 0day.work/proof-of-conce… #cve #apache #httpd #xss

0day work (@0daywork):

New blog post: Proof of Concept for "Wordpress <=5.2.3: viewing unauthenticated posts" 0day.work/proof-of-conce… #wordpress #cve #writeup #infosec WPScan - WordPress Security #poc

0day work (@0daywork):

New blogpost: Open Redirects In Improperly Configured mod_rewrite Rules (PoC for CVE-2019-10098?) 0day.work/open-redirects… #cve #cve_2019_10098 #apache #openredirect #mod_rewrite #configuration #sysadmin #security #infosec

0day work (@0daywork):

#BugBountyTip Always check for #RaceConditions when redeeming coupons to get greater discounts and huge bounties ;-) #Bugbounty #OWASP #ITSecurity

0day work (@0daywork):

#Bugbountytip Look for #API keys in the documentation or screenshots of blog posts. Sometimes those are *not* (entirely) redacted and still valid employee's credentials, giving you access to some juicy endpoints ;-) #Bugbounty #OWASP #ITSecurity

0day work (@0daywork):

That's a nice admin login bypass issue. I have a PoC and write-up ready to release, but I'll wait a few days for people to update. #wordpress #security #bypass

0day work (@0daywork):

New blogpost: InfiniteWP Client < 1.9.4.5 - Authentication Bypass 0day.work/infinitewp-cli… Simply unauth. exploit to get admin access. #wordpress #security #itsec WPScan - WordPress Security

0day work (@0daywork):

New research and blogpost: Pwning your (web)server and network the easy way - or why exposing ~/.ssh/ is a bad idea 0day.work/pwning-your-we… #security #itsec #bugbounty #ssh #websecurity

0day work (@0daywork):

New blog post: Files on web servers Part I: History Files 0day.work/files-on-web-s… #websecurity #security #owasp #bugbountytips #ITsecurity

Detectify (@detectify):

#Wordpress plugin vulns are reported to us w. good reason - millions of sites use them, which means millions of apps to secure. An analysis of from Crowdsource hacker, Sebastian Neef: #infosec #websecurity blog.detectify.com/2020/02/26/geh…

0day work (@0daywork):

Another blog post, but this time Detectify's blog: How Wordpress plugins leak sensitive information. It's also a great #bugbountytips :-)

0day work (@0daywork):

New blog post: Damn Vulnerable Bash Web Server - A web server written in bash. 0day.work/damn-vulnerabl… #bash #ctf #webserver #enowars #shittr

Sebastian Neef (@gehaxelt):

I'll be giving a talk at the virtual #HITBAMS20 / #HITBLockdown with my colleagues about "Open the Gates – The (in)security of Cloudless Smart Door Systems" Join the livestream at 2pm CET today! conference.hitb.org/lockdown-lives…

0day work (@0daywork):

New blogpost: Credentials hiding in plain sight or how I pwned your http auth 0day.work/credentials-hi… #bugbounty #security #ITSecurity

Sebastian Neef (@gehaxelt):

Oh, forgot to post it here. I had a lightning talk at Detectify #Hackerschool 10 yesterday! Slides can be found here: 0day.work/credentials-hi… #Bugbounty