SSRF

Tagged

A collection of 2 posts

Demystifying the Server-Side 2020

I, Harsh and Rajanish conducted a workshop at Ekoparty, HacktivityConf & NoNameCon 2020. Below are the links to the slides and video of the same :) We received really good feedback for the content presented and hope you enjoy it as well. Slides - https://docs.google.com/presentation/d/1dYmdqZh-8JJ-FV20dtAz4VTLshDNBIhpGvfr4xv0OiA

Local File Read

Local File Read via XSS in Dynamically Generated PDF

Hello Hunters, This time I am writing about a Vulnerability found in another private program(xyz.com) on Bugcrowd which at first I thought wasn't much impactful (P4) but later escalated it to a P1. While browsing the Application I came across an endpoint which allowed us to download some