Day039

Today's highlights:

1.Zero-day in Sign in with Apple

https://bhavukjain.com/blog/2020/05/30/zeroday-signin-with-apple/

Vulnerability hunting resources

1.SAML Testing

2.SSTI to Local File Read

https://www.r29k.com/articles/bb/ssti

3.crtfinder v2

https://github.com/eslam3kl/crtfinder

4.Exploiting dynamic rendering engines to take control of web apps

https://r2c.dev/blog/2020/exploiting-dynamic-rendering-engines-to-take-control-of-web-apps/

5.Bug-Bounty-Toolz

https://github.com/m4ll0k/Bug-Bounty-Toolz

6.Reconizer

https://github.com/Sicks3c/Reconizer

7.Bug-Bounty-Roadmaps

https://github.com/1ndianl33t/Bug-Bounty-Roadmaps

Learning from vulnerability reports

1.Chaining vulnerabilities lead to account takeover

https://ahzsec.medium.com/chaining-vulnerabilities-lead-to-account-takeover-b583f0c10591

2.Unauthenticated Account Takeover Through HTTP Leak

https://medium.com/bugbountywriteup/unauthenticated-account-takeover-through-http-leak-33386bb0ba0b

3.Spear Phishing in Google Cloud

https://medium.com/@filipz0203/spear-phishing-in-google-cloud-a80fb42577fe
