HACK-ERA CTF — Intra University Round Walkthrough… 作者组织了国家级别CTF比赛HACK-ERA CTF，吸引了来自不同部门和地区的学生参与。比赛通过现实场景挑战如网络利用、OSINT和二进制分析测试参赛者技能。文章详细介绍了两个挑战：利用IDOR漏洞访问其他账户及分析伪装成PDF的JPEG文件以获取隐藏密码和旗标。... 2025-5-6 07:18:50 | 阅读: 15 | 收藏 | InfoSec Write-ups - Medium - infosecwriteups.com brief mission bio username era

2025 Mobile App Pentesting Guide: Tools, Techniques & Real-World Examples 文章介绍了2025年移动应用渗透测试的方法与工具，包括安装ADB、MobSF等环境配置，分析APK文件权限及反编译源代码寻找秘密，并利用Burp Suite进行API测试与模糊测试。同时探讨了绕过SSL钉扎及认证机制，并强调遵循OWASP MASVS标准的重要性。... 2025-5-6 07:18:31 | 阅读: 16 | 收藏 | InfoSec Write-ups - Medium - infosecwriteups.com openexploit apk bypass security sslcontext

Beyond Alert Boxes: Exploiting DOM XSS for Full Account Takeover 文章探讨了DOM XSS漏洞的真实案例，攻击者通过注入恶意脚本窃取认证令牌和会话ID，最终导致账户接管，展示了XSS的严重安全风险。... 2025-5-6 07:18:14 | 阅读: 13 | 收藏 | Bug Bounty in InfoSec Write-ups on Medium - infosecwriteups.com articleid inject payload malicious

Beyond Alert Boxes: Exploiting DOM XSS for Full Account Takeover 文章描述了一个真实的DOM XSS漏洞案例，展示了如何通过该漏洞窃取认证令牌和会话ID，最终实现账户接管。这突显了XSS攻击的实际危害以及组织在处理用户控制数据时的潜在风险。... 2025-5-6 07:18:14 | 阅读: 20 | 收藏 | InfoSec Write-ups - Medium - infosecwriteups.com inject articleid attacker ups client

Manipulating Responses: A Deep Dive into Exploitation => $650 文章描述了一位赏金猎人测试一个简单应用程序的经历。他发现了多个P3级别漏洞和一个子域接管问题（不在范围内）。作为赏金猎人，他强调即使面对重复或低严重性问题，这些经历也是成长的机会。... 2025-5-6 07:18:3 | 阅读: 16 | 收藏 | Bug Bounty in InfoSec Write-ups on Medium - infosecwriteups.com contributes client duplicates refining rejection

Manipulating Responses: A Deep Dive into Exploitation => $650 赏金猎人Hunter分享了一次测试应用程序的经历，在有限的功能中发现多个P3级别漏洞及子域名接管问题（但不在范围内）。尽管面临重复、低严重性等问题的挑战，这些经历帮助他提升技能并最终获得赏金。... 2025-5-6 07:18:3 | 阅读: 13 | 收藏 | InfoSec Write-ups - Medium - infosecwriteups.com duplicates completing categorized stepping

Hack Any Mobile Phone Remotely 本文介绍如何使用Metasploit工具远程入侵手机的方法，仅用于教育目的。需电脑、网络和手机配合使用。适用于安卓10以下设备。... 2025-5-6 07:17:21 | 阅读: 15 | 收藏 | InfoSec Write-ups - Medium - infosecwriteups.com phones educational satyam ethically

Containers vs Virtual Machines: Key Differences, Benefits, and Use Cases Explained 文章探讨了容器与虚拟机的区别、优缺点及应用场景，帮助读者选择适合现代应用的基础设施解决方案。... 2025-5-6 07:17:2 | 阅读: 12 | 收藏 | InfoSec Write-ups - Medium - infosecwriteups.com containers software differ vms aim

$2000 Bounty: Stored XSS in GitLab GitLab的仓库文件查看器中发现存储型XSS漏洞，源于旧版DOMPurify未正确清理恶意HTML属性。攻击者可上传恶意OpenAPI文件触发漏洞，导致存储型XSS。该漏洞已修复，并获得$2000赏金。... 2025-5-6 07:16:57 | 阅读: 17 | 收藏 | Bug Bounty in InfoSec Write-ups on Medium - infosecwriteups.com gitlab repository openapi swagger dompurify

$2000 Bounty: Stored XSS in GitLab GitLab的仓库查看器因使用过时的Swagger UI和DOMPurify库存在存储型XSS漏洞。攻击者可上传恶意OpenAPI文件，在用户查看时触发XSS攻击。... 2025-5-6 07:16:57 | 阅读: 15 | 收藏 | InfoSec Write-ups - Medium - infosecwriteups.com gitlab openapi repository malicious security

Threat Profiling 101: How to Create a Threat Profile 威胁分析帮助企业识别和优先处理最可能攻击其组织的威胁,提供结构化方法,从被动防御转向主动防御,优化资源分配和安全态势。... 2025-5-6 07:16:8 | 阅读: 15 | 收藏 | InfoSec Write-ups - Medium - infosecwriteups.com threats prioritize profiling security determining

How Hackers Exploit CORS Misconfigurations 2025-5-6 07:15:8 | 阅读: 13 | 收藏 | InfoSec Write-ups - Medium - infosecwriteups.com

How Hackers Exploit CORS Misconfigurations 跨域资源共享（CORS）是浏览器安全机制，限制网页从不同域名请求资源以防止恶意访问敏感数据。若配置不当，可能被黑客利用造成安全风险。正确设置CORS头如Access-Control-Allow-Origin可授权可信域名访问资源。... 2025-5-6 07:15:8 | 阅读: 14 | 收藏 | Bug Bounty in InfoSec Write-ups on Medium - infosecwriteups.com malicious security delves

The Ultimate Guide to Cyber Threat Actors: Exploring Hackers, Hacktivists, and Their Tactics 2025-5-6 07:14:46 | 阅读: 11 | 收藏 | InfoSec Write-ups - Medium - infosecwriteups.com

$1000 Bounty: Account Takeover via Host Header Injection in Password Reset Flow 文章描述了一次通过Host头注入攻击成功接管账户的经历。攻击者利用密码重置功能中的漏洞，操控请求头中的Host值，最终实现账户完全控制，并获得1000美元奖励。... 2025-5-6 07:14:37 | 阅读: 13 | 收藏 | Bug Bounty in InfoSec Write-ups on Medium - infosecwriteups.com unusual deadly overlooked walked corners

Missing Rate Limit on Several Endpoints $1300 文章探讨了速率限制机制及其在保护API中的作用，介绍了严格和灵活两种限流方式，并强调其在防止资源耗尽、控制成本和提升安全性方面的关键作用。... 2025-5-6 07:13:59 | 阅读: 11 | 收藏 | Bug Bounty in InfoSec Write-ups on Medium - infosecwriteups.com limiting threshold limiter exceeded limiters

Clickjacked to the Core: Turning UI into a Trapdoor 2025-5-5 09:30:0 | 阅读: 10 | 收藏 | Bug Bounty in InfoSec Write-ups on Medium - infosecwriteups.com

Clickjacked to the Core: Turning UI into a Trapdoor 2025-5-5 09:30:0 | 阅读: 8 | 收藏 | InfoSec Write-ups - Medium - infosecwriteups.com

Bypassing Regex Validations to Achieve RCE: A Wild Bug Story 2025-5-5 09:29:54 | 阅读: 16 | 收藏 | Bug Bounty in InfoSec Write-ups on Medium - infosecwriteups.com

Bypassing Regex Validations to Achieve RCE: A Wild Bug Story 2025-5-5 09:29:54 | 阅读: 14 | 收藏 | InfoSec Write-ups - Medium - infosecwriteups.com