e3xpl0it (@e3xpl0it)'s Twitter Profile

Penetration tester, security analysis of web applications at Positive Technologies @ptsecurity, Team @ptswarm

ID: 3130993841

Link: https://hackerone.com/e3xpl0it

Joined: 01-04-2015 09:29:44

942 Tweets

3.3K Followers

54 Following

PT SWARM (@ptswarm)


🚒 Invision Community fixed an SSRF vulnerability (CVE-2021-40604) found by Mikhail Klyuchnikov!

Timeline:
✅ 06/23/2021 - The advisory is published
😒 06/24/2021 - Requested CVE via MITRE
😀 06/13/2022 - CVE was assigned

The PoC ⤵️

The "gkey" param is an unfollow token.
PT SWARM (@ptswarm)


💥 We have reproduced CVE-2022-31626, an RCE in PHP <= 7.4.29 which can be triggered via a rogue MySQL/MariaDB server!

It's a Heap Overflow, works with MySQLi/PDO, and doesn't require LOAD LOCAL INFILE.

The PoC 👉 github.com/CFandR-github/…
PT SWARM (@ptswarm)


🧩 Zoneminder fixed a Post-Auth RCE found by our researcher Ilya Yatsenko (@fulc2um).

See details in the advisory 👉
github.com/ZoneMinder/zon…
PT SWARM (@ptswarm)


💥 New attack! Our researcher Arseniy Sharoglazov discovered a PHP's Arbitrary Object Instantiation with no user-defined classes. It was turned to RCE!

Read the research: swarm.ptsecurity.com/exploiting-arb…
PT SWARM (@ptswarm)


🥳 We have reproduced an Arbitrary File Read for an internal site of Skype for Business / MS Lync!

CVE: CVE-2022-26911
Subdomains: dialin, meet, lyncdiscover, sip, ...

Original advisory: lab.viettelcybersecurity.com/advisories/VCS…

The PoC ⤵️
PT SWARM (@ptswarm)

🚨 New article by our researcher Aleksey Solovev: "Researching Open Source apps for XSS to RCE flaws". Read the article: swarm.ptsecurity.com/researching-op…

PT SWARM (@ptswarm)

🙀 Our researcher Arseniy Sharoglazov found a new technique for discovering second-level domains!

Useful for:
🐞 Bughunters, for discovering vulns on new domains
🐛 Threathunters, for discovering malicious domains
🎃 Everyone else

Read the research: swarm.ptsecurity.com/discovering-do…

PT SWARM (@ptswarm)


🦺 A set of Jiggler Keys is the most practical tool for a penetration tester when operating on-site! 

Jiggle your way into any cabinet in a matter of seconds!
PT SWARM (@ptswarm)


🐳 Red Hat fixed an Unauth XXE (CVE-2022-2414) in FreeIPA found by our researcher Egor Dimitrenko (@elk0kc).

In some cases, it allows attackers to read the Directory Manager password from the config of FreeIPA and take full control of the infrastructure.

Advisory: access.redhat.com/security/cve/C…
PT SWARM (@ptswarm)

📝 New research by Impact: "Fork Bomb for Flutter"

There are more and more Flutter applications, and security analysis of these apps is in high demand. Our member Phil shares his knowledge and presents his reFlutter tool.

Read the article: swarm.ptsecurity.com/fork-bomb-for-…

PT SWARM (@ptswarm)

⚓️ New article by our researcher Mikhail Klyuchnikov: "Jetty Features for Hacking Web Apps". Read the research: swarm.ptsecurity.com/jetty-features…

PT SWARM (@ptswarm)


🏆 Our nominees for PortSwigger (@PortSwigger) Top 10 of 2022!

1️⃣ Jetty Features for Hacking Web Apps
2️⃣ Exploiting Arbitrary Object Instantiations in PHP without Custom Classes
3️⃣ Discovering Domains via a Time-Correlation Attack on Certificate Transparency

Vote here: portswigger.net/polls/top-10-w…
PT SWARM (@ptswarm)

💬 New article by our researcher Aleksey Solovev: "MyBB <= 1.8.31: Remote Code Execution Chain".

🐞 Abusing Nested Parsers Conditions for getting XSS
🐞 From Privileged SQL Injection to RCE

Read the article: swarm.ptsecurity.com/mybb-1-8-31-re…

PT SWARM (@ptswarm)


🧙‍♂️ CVE-2022-44268 - a vulnerability in ImageMagick that could lead to an arbitrary file read.

How does it work? See here 👇
PT SWARM (@ptswarm)

💰 New article by our researcher Andrey Bachurin: "Binance Smart Chain Token Bridge Hack"

The article explains the technical details of one of the largest cryptocurrency hacks ever.

Read the blog post: swarm.ptsecurity.com/binance-smart-…