Supras.io
Menu Close
  • Systèmes libre
  • Réseaux
  • Windows
  • Virtualisation
  • InfoSec
  • Bloc-notes
0

New subdomain takeover case : Clever Cloud

Posted on 24 novembre 2023 by Supras

Image credit: DALL-E Recon It all started during a recon phase on a YesWeHack program, when I came across a rather curious 404 not found page that I’d never seen before :     The source code of the page… Continuer la lecture →

InfoSec
0

Simple 1-click account takeover via Oauth misconfiguration

Posted on 11 juin 2023 by Supras

This is a vulnerability that I found on one of Bug Bounty CH’s customers, explained by their team in a blog post.

InfoSec
0

How I got access to many PIIs through a source code leak

Posted on 5 octobre 2021 by Supras

Hi everyone ! My blog has been unpublished for almost a year now, so I needed a new post … Here is an write-up from a recent P1 found and exploited on an external bug bounty program which led to… Continuer la lecture →

InfoSec
1

Reflected XSS via a hidden parameter on Dutch Gov. website

Posted on 19 septembre 2020 by Supras

This summer I came across the Bug Bounty program of the Dutch Government, and I saw that as a reward it offers you a super cool t-shirt ! I have to redo my wardrobe, so why not give it a… Continuer la lecture →

InfoSec

Navigation des articles

Articles Précédents

A propos

Contact

Blogroll

[EN] Pentester Land
[EN] H1 Hacktivity
[EN] Medium - Infosec Write-Ups
[EN] The Hacker News
[FR] Le journal du Hacker
[FR] Linuxfr.org
© 2024 Supras.io. All rights reserved.
Hiero by aThemes