Hacktive Security Blog
Responsible disclosure – Reflected XSS on hireon.amazon.com
Application Security

o___o
April 13, 2018 | June 20, 2021
On March 13th, by using dnsrecon (https://github.com/darkoperator/dnsrecon) and a huge wordlist, I came across an Amazon domain (hireon.amazon.com) with a Reflected XSS. Usually I...
Happy Hacking Easter (story of privacy violation into an eggshell)
Mobile

o___o
July 22, 2015 | June 20, 2021
In accordance with ethics of responsible disclosure, the vendor was informed but emails were left unreplied/ignored. Timeline: First email on 08 March 2016. Second email on...
Symantec Security Information Manager, multiple vulnerabilities (XSS, SQLi, Information Disclosure)
Application Security

o___o
July 1, 2013 | June 20, 2021
Hi there, we have been missing from here for quite a while, but one more time we are back with something (hopefully) interesting. In the past months we...
Abusing Ruzzle protocol, privacy violation and more…
Mobile

o___o
March 21, 2013 | June 20, 2021
In the beginning of January 2013 we started a security research project focused on some of the most widespread mobile applications and considering how popular Ruzzle became...

Copyright © 2022 Hacktive Security Blog. All rights reserved.