Hunting Bugs for Fun and Profit
☆275Jul 29, 2020Updated 5 years ago
Alternatives and similar repositories for Facebook-Bug-Bounty-Write-ups
Users that are interested in Facebook-Bug-Bounty-Write-ups are comparing it to the libraries listed below
Sorting:
- Happy Hunting☆138Jan 25, 2019Updated 7 years ago
- Jenkins RCE PoC. From unauthenticated user to remote code execution, it's a hacker's dream!☆297Jun 10, 2019Updated 6 years ago
- There is no pre-auth RCE in Jenkins since May 2017, but this is the one!☆607May 17, 2019Updated 6 years ago
- Facebook Bug Bounties☆106Feb 24, 2021Updated 5 years ago
- CVE-2018-8021 Proof-Of-Concept and Exploit☆106Dec 3, 2018Updated 7 years ago
- SSRF (Server Side Request Forgery) testing resources☆2,483Oct 12, 2024Updated last year
- Service Worker 安全探索☆74Nov 5, 2018Updated 7 years ago
- Web Security Technology & Vulnerability Analysis Whitepapers☆549Jan 1, 2019Updated 7 years ago
- 参考《利用分块传输吊打所有WAF》修改的requests的Adapter☆98Jan 31, 2019Updated 7 years ago
- 用于记录分享一些有趣的案例☆866Jan 10, 2022Updated 4 years ago
- CVE-2019-3396 confluence SSTI RCE☆174Oct 1, 2020Updated 5 years ago
- CVE-2019-12949☆26Jun 28, 2019Updated 6 years ago
- Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the ac…☆1,774Apr 26, 2024Updated last year
- Use HTTP Smuggling Lab to learn HTTP Smuggling.☆346Nov 20, 2022Updated 3 years ago
- Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-up that is categorized by the bug nature☆4,068Jul 31, 2024Updated last year
- Apache Solr Injection Research☆579Jan 28, 2020Updated 6 years ago
- RCE on Apache Solr using deserialization of untrusted data via jmx.serviceUrl☆210Mar 10, 2019Updated 6 years ago
- A Burp Suite extension to help pentesters to bypass WAFs or test their effectiveness using a number of techniques☆736May 4, 2019Updated 6 years ago
- Automatically identify deserialisation issues in Java and .NET applications by using active and passive scans☆584Sep 7, 2021Updated 4 years ago
- Sublert is a security and reconnaissance tool which leverages certificate transparency to automatically monitor new subdomains deployed b…☆1,027Feb 5, 2021Updated 5 years ago
- Collection of Facebook Bug Bounty Writeups☆705Jan 16, 2026Updated last month
- FileReader Exploit☆256Mar 20, 2019Updated 6 years ago
- flash 劫持轮子,CSRF,劫持,跳转,swf 有需求可以提issues ,src挖掘,劫持response☆86Nov 9, 2019Updated 6 years ago
- CVE-2018-8581 | Microsoft Exchange Server Elevation of Privilege Vulnerability☆332Dec 30, 2018Updated 7 years ago
- Hacking Facebook for fun and profit: It’s not that hard, apparently (exclusive)☆62Jul 2, 2019Updated 6 years ago
- CVE-2019-2725 命令回显☆436May 8, 2023Updated 2 years ago
- exploit for ImageMagick's uninitialized memory disclosure in gif coder☆284Jul 22, 2017Updated 8 years ago
- web模糊测试 - 将漏洞可能性放大☆145Apr 23, 2019Updated 6 years ago
- 🐱💻 Poc of CVE-2019-7238 - Nexus Repository Manager 3 Remote Code Execution 🐱💻☆153Feb 25, 2019Updated 7 years ago
- 用于辅助安全工程师漏洞挖掘、测试、复现,集合了mock、httplog、dns tools、xss,可用于测试各类无回显、无法直观判断或特定场景下的漏洞。☆866Jul 21, 2019Updated 6 years ago
- BCS(北京网络安全大会)2019 红队行动会议重点内容☆819Sep 4, 2019Updated 6 years ago
- ☆404Feb 28, 2020Updated 6 years ago
- Burp extension to detect alias traversal via NGINX misconfiguration at scale.☆265Nov 18, 2021Updated 4 years ago
- 在渗透测试中快速检测常见中间件、组件的高危漏洞。☆728Mar 21, 2022Updated 3 years ago
- PHP Runtime Vulnerability Detection☆480May 25, 2019Updated 6 years ago
- HackerOne Staffs☆29Dec 9, 2019Updated 6 years ago
- Zimbra XXE+SSRF+UPLOAD Poc☆59Jun 25, 2019Updated 6 years ago
- Bypassing disabled exec functions in PHP (c) CRLF☆406Oct 2, 2020Updated 5 years ago
- 一个包含php,java,python,C#等各种语言版本的XXE漏洞Demo☆815Nov 28, 2022Updated 3 years ago