Bug Bytes #53 – Exploiting a SSRF in WeasyPrint, The Bug That Exposed Your PayPal Password and 12 tricks for Burp Repeater

Hey hackers! These are our favorite resources shared by pentesters and bug hunters last week. Bug Bytes is a weekly newsletter curated by members of the bug bounty community. The…

Continue Reading Bug Bytes #53 – Exploiting a SSRF in WeasyPrint, The Bug That Exposed Your PayPal Password and 12 tricks for Burp Repeater

Bug Bytes #52 – Account takeover via HTTP Request Smuggling, Lesser-known Tools for Android Application PenTesting and Hunting Credentials and Secrets in iOS Apps

Hey hackers! These are our favorite resources shared by pentesters and bug hunters last week. Bug Bytes is a weekly newsletter curated by members of the bug bounty community. The…

Continue Reading Bug Bytes #52 – Account takeover via HTTP Request Smuggling, Lesser-known Tools for Android Application PenTesting and Hunting Credentials and Secrets in iOS Apps

Bug Bytes #43 – Abusing HTTP hop-by-hop request headers, The Bug Bounty Podcast by @Regala_ & Live Bug Bounty Recon Session on Verizon Media’s Yahoo.com W/ @Securinti

Bug Bytes is a weekly newsletter curated by members of the bug bounty community. The first series is curated by Mariem, better known as PentesterLand. Every week, she keeps us up to…

Continue Reading Bug Bytes #43 – Abusing HTTP hop-by-hop request headers, The Bug Bounty Podcast by @Regala_ & Live Bug Bounty Recon Session on Verizon Media’s Yahoo.com W/ @Securinti

Bug Bytes #31 – HTTP Desync Attacks by @albinowax, Exploiting Out Of Band XXE by @Zombiehelp54, GitHub Recon and Sensitive Data Exposure

Bug Bytes is a weekly newsletter curated by members of the bug bounty community. The first series are curated by Mariem, better known as PentesterLand. Every week, she keeps us updated with…

Continue Reading Bug Bytes #31 – HTTP Desync Attacks by @albinowax, Exploiting Out Of Band XXE by @Zombiehelp54, GitHub Recon and Sensitive Data Exposure

Bug Bytes #30 – Chaining Cache Poisoning To Stored XSS, How To Bypass Cloudflare’s WAF & Ghostwriter by SpecterOps

Bug Bytes is a weekly newsletter curated by members of the bug bounty community. The first series are curated by Mariem, better known as PentesterLand. Every week, she keeps us updated with…

Continue Reading Bug Bytes #30 – Chaining Cache Poisoning To Stored XSS, How To Bypass Cloudflare’s WAF & Ghostwriter by SpecterOps

Bug Bytes #29 – Why do Penetration Testing Teams Hate You, SSL/TLS vulnerabilities & A Deep Dive into XXE Injection

Bug Bytes is a weekly newsletter curated by members of the bug bounty community. The first series are curated by Mariem, better known as PentesterLand. Every week, she keeps us updated with…

Continue Reading Bug Bytes #29 – Why do Penetration Testing Teams Hate You, SSL/TLS vulnerabilities & A Deep Dive into XXE Injection

Bug Bytes #22 – Disabling distracting Firefox traffic from Burp, A 2019 Workflow for Subdomain Enumeration by @0xpatrik & DirectoryImporter

Bug Bytes is a weekly newsletter curated by members of the bug bounty community. The first series are curated by Mariem, better known as PentesterLand. Every week, she keeps us updated with…

Continue Reading Bug Bytes #22 – Disabling distracting Firefox traffic from Burp, A 2019 Workflow for Subdomain Enumeration by @0xpatrik & DirectoryImporter

Bug Bytes #21 – Automation of the Recon Process by @armaancrockroax, Stored XSS via MIME sniffing & Building Virtual Machine Labs

Bug Bytes is a weekly newsletter curated by members of the bug bounty community. The first series are curated by Mariem, better known as PentesterLand. Every week, she keeps us updated with…

Continue Reading Bug Bytes #21 – Automation of the Recon Process by @armaancrockroax, Stored XSS via MIME sniffing & Building Virtual Machine Labs