If Allah willed it, will be back soon!

The Qualys Research Team has discovered a critical vulnerability in #Sudo, which allows an unprivileged user to gain root privileges in its default configuration. #linux #unix #vulnerability https://blog.qualys.com/vulnerabilities-research/2021/01/26/cve-2021-3156-heap-based-buffer-overflow-in-sudo-baron-samedit

Stripo Inc disclosed a bug submitted by kapkan: https://hackerone.com/reports/1009046 #hackerone #bugbounty

Today I'm glad to share with you my new small tool #Bughound which is a static code analysis tool based on Elasticsearch.

You can use #Bughound during your static code analysis to initially spot potential vulnerabilities in the code.

https://shells.systems/unveiling-bughound-a-static-code-analysis-tool-based-on-elasticsearch/

1. Hunting for Bugs in Android App
https://medium.com/bugbountywriteup/hunting-for-bugs-in-android-app-fe9158a556d3

2. Template Injection in Action
https://gosecure.github.io/template-injection-workshop/#0

3. Bypass all Powershell security features
https://github.com/OmerYa/Invisi-Shell

#bugbountytips #resources #CyberSec #infosec #Linux #Microsoft #cybersecurity #Google #coding

#BugBounty
#infosec #bugbountytips
#cybersecurity

1. SSRF exploitation in Spreedsheet to PDF converter
https://r4id3n.medium.com/ssrf-exploitation-in-spreedsheet-to-pdf-converter-2c7eacdac781
2. CSRF Protection Bypass in Atlassian Confluence Server
https://yeuchimse.com/csrf-protection-bypass-in-atlassian-confluence-server
3. MSSQL Lateral Movement
https://research.nccgroup.com/2021/01/21/mssql-lateral-movement/amp/?__twitter_impression=true