Blue Byte articles - 18 total
![[REPOST] Installing Genymotion for Android App Pentesting: The Definitive Guide](https://media2.dev.to/dynamic/image/width=1000,height=420,fit=cover,gravity=auto,format=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F7m76bhi1cncal3oq8xxg.png)
[REPOST] Installing Genymotion for Android App Pentesting: The Definitive Guide
With the growing use of mobile applications, the security of these applications has become a key...
Alibaba Cloud OOS Misconfiguration: File Upload via HTTP PUT
Security misconfiguration represents one of the most common vulnerabilities in cloud environments. In...
How I found my "First Bug" in a public bug bounty program
Today I was reviewing my Telegram channels and realized that I hadn't written a summary of my "first...
Exploiting CLRF in PHP cURL to retrieve Azure Access Tokens
Server-Side Request Forgery (SSRF) is a critical vulnerability that allows an attacker to force a...
Server-Side Template Injection in Go
Server-Side Template Injection is a vulnerability that arises when user input is improperly processed...
Next.js Middleware Broken Access Controls
Recently, an Authorization Bypass vulnerability was discovered in the Next.js framework (one of the...
PHAR Deserialization in Monolog 2.7
Monolog is a PHP logging library that sends logs to files, websockets, databases and other web...
Attacking WebDAV Protocol
WebDAV (Web-based Distributed Authority Version) is a legacy protocol that can be defined as an...
2FA Bypass via Response Manipulation
You know that vulnerability that says "the developer must have the intention to collaborate with an...
SSRF via Spring Cloud Gateway
In Bug Bounty programs, it's extremelly common to find subdomains without a defined index,...
Easy Bug: Open-Redirect on OAuth 2.0 redirect_uri param
One of the most basic bugs present in insecure OAuth 2.0 implementations is the possibility of...
From debug mode enabled to PII disclosure via BFLA
Today I bring a recent case, when analyzing the authentication flow of an application, I observed a...
Attacking Misconfigured Amazon Cognito: Zero-Click Account Takeover
Introduction Amazon Cognito is a delegated service for providing...
AWS S3 Bucket Subdomain Takeover
Subdomain Takeover is a domain hijacking technique and occurs when there is a CNAME (Canonical Name,...
Always keep this hacking technique in mind: how to enumerate AWS S3 Buckets behind a CDN
Imagine that during an engagement you come across a static website, with only an image on the home...
Easy RCE with LaTeX via file upload
Who has never analyzed a website and ended up causing an error and discovered that the server was in...
SSRF retrieving temporary credentials from AWS Metadata
In this post, we will explore CVE-2021-40438, which is an SSRF vulnerability in Apache mod_proxy...
Path traversal via alias misconfiguration in Nginx
Nginx is undoubtedly one of the most widely used web servers (which also has other features such as...