Leaked API Key in Public JavaScript Leads to Potential Abuse
深夜渗透测试中发现目标网站domain.com暴露API密钥于JS文件中,可能引发数据篡改或账户滥用风险。
Aggregator
The Hidden .git
2 months 1 week ago
安全研究人员在寻找漏洞时转而探索新目标,使用subfinder和httpx扫描子域名,并发现多个IIS服务器及AI聊天机器人子域名,但未找到漏洞。
The Hidden .git
2 months 1 week ago
作者在考试压力下寻找新的漏洞目标,通过subfinder和httpx工具扫描子域名时发现一个AI聊天机器人,并尝试进一步分析但未找到漏洞。
VAPT Report on Credential Security in Windows 10 based Healthcare Infrastructure
2 months 1 week ago
本文记录了一次针对Windows 10系统的内部漏洞评估与渗透测试(VAPT),模拟内部威胁通过SAM枚举和NTLM哈希破解获取用户凭证的风险。测试使用Cain & Abel工具提取并破解哈希,揭示了弱密码和缺乏多因素认证等问题,并提出加强密码策略、实施MFA及遵循NIST和ISO标准的安全建议。
Authentication Bypass via Email Domain Suffix Manipulation
2 months 1 week ago
文章描述了一次身份验证绕过漏洞的发现过程。作者通过修改注册邮箱后缀成功绕过验证,进而访问其他用户数据并自我审批申请。该漏洞还导致敏感数据泄露及API全权控制。最终问题已修复。
Authentication Bypass via Email Domain Suffix Manipulation
2 months 1 week ago
作者发现一个身份验证绕过漏洞,通过修改电子邮件后缀成功注册并获得管理员权限,导致敏感数据泄露和系统控制权获取。漏洞已修复,并强调了输入验证和API保护的重要性。
Cloudflare推出AI爬虫红黑榜 字节跳动因不遵守抓取协议直接垫底
2 months 1 week ago
Cloudflare推出AI爬虫红黑榜,评估六家AI公司爬虫表现。OpenAI排名最高,字节跳动、Anthropic和xAI垫底。榜单将收录更多爬虫并评分。
How to use FOFA for security research
2 months 1 week ago
文章介绍了FOFA搜索引擎在网络安全领域的应用,强调其用于漏洞发现、侦察和安全研究的能力,并指出其在工业控制系统、中文网络覆盖等方面的优势。
How to use FOFA for security research
2 months 1 week ago
FOFA是一款强大的网络空间测绘工具,可用于漏洞发现、网络侦察和安全研究。它能搜索暴露数据库、配置错误API及工业控制系统等风险资产,在工业安全和中国网络覆盖方面优于Shodan和Censys。使用时需遵守法律和道德规范。
Day 2 – The Shift: From User to Hunter
2 months 1 week ago
这篇文章讲述了一个人在学习Linux过程中遇到的各种困难与挑战。从简单的命令无法执行到复杂的依赖问题,每一次失败都成为探索系统奥秘的动力。通过查阅文档、追踪文件路径以及与包管理器互动,作者逐渐理解了系统的运作方式,并意识到真正的成长始于克服这些原始而深刻的障碍。
Day 7: Reflected XSS into attribute with angle brackets HTML-encoded: Zero to Hero Series —…
2 months 1 week ago
Rayofhope分享PortSwigger实验室第23天内容,详细解析每一步原因。通过搜索功能字段测试XSS漏洞,展示如何利用用户输入直接插入页面的特性进行攻击。
Day 7: Reflected XSS into attribute with angle brackets HTML-encoded: Zero to Hero Series —…
2 months 1 week ago
Rayofhope分享PortSwigger实验室经验,讲解如何利用未转义的搜索字段注入脚本。
Day 6:DOM XSS in jQuery selector sink using a hashchange event : Zero to Hero Series — Portswigger
2 months 1 week ago
文章介绍了一个基于DOM的XSS漏洞实验室,利用jQuery的`$()`函数和`location.hash`属性触发漏洞。攻击者通过构造payload,在受害者浏览器中调用`print()`函数。
Day 6:DOM XSS in jQuery selector sink using a hashchange event : Zero to Hero Series — Portswigger
2 months 1 week ago
文章介绍了一个基于DOM的跨站脚本(XSS)漏洞实验室。该漏洞利用jQuery的$()函数和location.hash属性实现自动滚动功能。通过构造特定payload并利用iframe和hashchange事件触发漏洞,最终在受害者浏览器中执行print()函数。
SQL injection vulnerability allowing login bypass — Post Method
2 months 1 week ago
Rayofhope分享了关于PortSwigger实验室中SQL注入漏洞的知识,重点介绍了基于POST和GET方法的攻击类型,并提到识别单引号、双引号、括号和空格等关键字符的重要性。
SQL injection attack, listing the database contents on non-Oracle databases — Portswigg
2 months 1 week ago
这篇文章介绍了如何通过Union-based SQL注入攻击针对PostgreSQL数据库进行渗透测试。作者详细讲解了如何利用`information_schema.tables`和`information_schema.columns`枚举数据库表和列,并最终通过构造UNION查询获取了用户表中的敏感数据,包括用户名和密码。
Day 13: Visible error-based SQL injection — Zero to Hero Blind Injection — Portswigger
2 months 1 week ago
文章介绍了一个SQL注入漏洞的利用过程,通过分析跟踪cookie的响应和构造payload,成功提取了数据库中管理员用户的密码并登录。
CVE-2025-4381 | Ads Pro Plugin up to 4.89 on WordPress getSpace ID sql injection (EUVD-2025-19687)
2 months 1 week ago
A vulnerability classified as critical was found in Ads Pro Plugin up to 4.89 on WordPress. This vulnerability affects the function getSpace. The manipulation of the argument ID leads to sql injection.
This vulnerability was named CVE-2025-4381. The attack can be initiated remotely. There is no exploit available.
vuldb.com
CVE-2025-6686 | Magic Buttons for Elementor Plugin up to 1.0 on WordPress Shortcode magic-button cross site scripting (EUVD-2025-19682)
2 months 1 week ago
A vulnerability classified as problematic has been found in Magic Buttons for Elementor Plugin up to 1.0 on WordPress. Affected is the function magic-button of the component Shortcode Handler. The manipulation leads to cross site scripting.
This vulnerability is traded as CVE-2025-6686. It is possible to launch the attack remotely. There is no exploit available.
vuldb.com
CVE-2025-52925 | One Identity OneLogin Active Directory Connector up to 6.1.4 DirectoryToken transmission of private resources into a new sphere ('resource leak') (EUVD-2025-19689)
2 months 1 week ago
A vulnerability was found in One Identity OneLogin Active Directory Connector up to 6.1.4. It has been rated as problematic. Affected by this issue is some unknown functionality of the component DirectoryToken Handler. The manipulation leads to transmission of private resources into a new sphere ('resource leak').
This vulnerability is handled as CVE-2025-52925. The attack may be launched remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com