BugPoC (@bugpoc_official)'s Twitter Profile

BugPoC is a platform to build and share proof-of-concepts for Bug Bounty Submissions, PenTest Deliverables, & Red Team Reports. Visit bugpoc.com to learn more!

ID: 1202334595607228416

Link: https://bugpoc.com
Date: 04-12-2019 21:11:28

302 Tweets

5.5K Followers

13 Following

BugPoC (@bugpoc_official):

Last day to submit solutions! Submit yours at hackerone.com/bugpoc before 10pm EDT for your chance to win cash prizes and skip the first interview for select Amazon Sec Eng Roles! #bugbountytips #ssrf #heapdump

BugPoC (@bugpoc_official):

Huge THANK YOU to all the hackers that participated in our latest CTF! Congrats to the following raffle winners: Robin De Baets, Aloïs Thévenot, Akshansh Jaiswal, Yash Sodha. Check H1 for a $250 prize! Don't forget to publish blog write-ups before 05/05 10pm EDT. Our fave gets $250!

Ngo Wei Lin (@creastery):

Thanks for the fun memory leak challenge BugPoC Ben Sadeghipour! Wrote a thing or two on how to approach & solve the challenge, alternative solutions, and shared some tools/tips as well. Enjoy! :) creastery.com/blog/bugpoc-ap…

Ben Sadeghipour (@nahamsec):

New video! I just made a walkthrough of BugPoC's Doggo CTF in partnership with Amazon's security team. Some fun with device fingerprinting, a path traversal, and more! youtu.be/G2n6AdTQmqU BTW the CTF is still up, if anyone wants to give a try!

BugPoC (@bugpoc_official):

Want to learn how to chain an Encryption Oracle + SSRF + Dir Traversal + Heapdump? Check out this great write-up by dunglt140150 about our latest CTF! 📝 Huge thanks to all hackers that made write-ups! More CTFs coming soon! 🪲🔨 ltidi.medium.com/bugpoc-hack-th…

Sayaan Alam (@ehsayaan):

Got SSRF/LFI using Open Graph Protocol, Server was parsing thumbnail using og:image property, Crafted a page by putting <meta property="og:image" content="file:///etc/passwd"/> to pull local file, Similar approach used to solve BugPoC CTF⬇️ #bugbounty #bugbountytips

BugPoC (@bugpoc_official):

$100,500 Apple bug bounty 🤯 Safari UXSS, Gatekeeper bypass, local file execution, and filesystem access CVE-2021-30861 CVE-2021-30975 #bugbountytips #apple ryanpickren.com/safari-uxss

Jon Bottarini (@jon_bottarini):

Great research once again from Ryan Pickren for those looking for Apple bugs: Gaining unauthorized camera access via Safari UXSS ryanpickren.com/safari-uxss

WIRED (@wired):

A group of MacOS vulnerabilities—fixed by Apple at the end of last year—could allow an attacker to "punch a hole" in your Safari browser, granting them access to your online accounts, to turn on your mic, or even take over your webcam. 😳 wired.trib.al/sIiHSjb