Day[0]

255 Episodo

1. Discourse SNS RCE, a Stored XSS in GitLab, and a Reddit Race Condition [Bug Hunting]

   Publicado: 2/11/2021
2. A Kernel Race, SuDump, and a Chrome Garbage Collector Bug [Exploit Dev/VR]

   Publicado: 28/10/2021
3. A Slack Attack and a MySQL Scientific Notation Bug [Bug Hunting]

   Publicado: 26/10/2021
4. WebKit Bugs, a Windows Race, and House of IO Improved [Exploit Dev/VR]

   Publicado: 21/10/2021
5. WebSocket Hijacking, GitHub review bypass and SQLi to RCE [Bug Hunting]

   Publicado: 19/10/2021
6. HyperKit Bugs & an Open5GS Stack Overflow [Binary Exploitation]

   Publicado: 14/10/2021
7. SharePoint RCE & an Apache Path Traversal [Bug Hunting]

   Publicado: 12/10/2021
8. Chrome Exploits and a Firefox Update Bug [Binary Exploitation]

   Publicado: 7/10/2021
9. Gatekeeper Bypass, Opera RCE, and Prototype Pollution [Bounty Hunting]

   Publicado: 5/10/2021
10. Kernel UAFs and a Parallels VM Escape [Binary Exploitation]

    Publicado: 30/9/2021
11. iOS 0days, Apache Dubbo RCEs, and NPM bugs [Bounty Hunting]

    Publicado: 29/9/2021
12. A Curl UAF, iPhone FORCEDENTRY, and a Crazy HP OMEN Driver [Binary Exploitation]

    Publicado: 23/9/2021
13. A Flickr CSRF, GitLab, & OMIGOD, Azure again? [Bounty Hunting]

    Publicado: 21/9/2021
14. NETGEAR smart switches, SpookJS, & Parallels Desktop [Binary Exploitation]

    Publicado: 16/9/2021
15. Reused VMWare exploits & Escaping Azure Container Instances [Bounty Hunting]

    Publicado: 14/9/2021
16. Escaping the Bhyve, WhatsApp, & BrakTooth [Binary Exploitation]

    Publicado: 9/9/2021
17. Takeover A Facebook, SnapChat or JetBrains Account [Bounty Hunting]

    Publicado: 7/9/2021
18. NoSQL Injection, Mobile Misconfigurations and a Wormable Windows Bug

    Publicado: 25/5/2021
19. Cross-Browser Tracking, Frag Attacks, and Malicious Rust Macros

    Publicado: 18/5/2021
20. Fake Vulns, More Valve, and an AWS Cognito issue

    Publicado: 11/5/2021