“##load behavior. - how i hacked microsoft teams and got $ 150, 000 in pwn2own rce in microsoft teams through a combination of bugs including xss via chat message, lack of context isolation, and js execution outside the sandbox. - aws waf clients left vulnerable to sql injection d…”
T1190 Exploit Public-Facing Application (94%)
“access in sap enterprise software exploiting sap enterprise via the p4 protocol and jndi reference injection. - aws waf bypass : invalid json object and unicode escape sequences bypassing aws waf via invalid json with duplicated parameter names. - cookie crumbles : breaking and f…”
T1190 Exploit Public-Facing Application (93%)
“of cross - origin resource sharing ( cors ) misconfigurations on internal networks using typo - squatting domains to probe for and exfiltrate sensitive data without violating bug bounty rules. - rce via ldap truncation on hg. mozilla. org achieved remote code execution ( rce ) on…”
T1190 Exploit Public-Facing Application (71%)
“meta tag for potential phishing, bypassing strict csp with no effective xss. - azure b2c crypto misuse and account compromise extracting public rsa keys to craft valid oauth refresh tokens and compromise azure ad b2c user accounts. - compromising f5 bigip with request smuggling e…”
T1190 Exploit Public-Facing Application (65%)
“for. pth files to gain arbitrary code execution via limited file write vulnerability. - from akamai to f5 to ntlm... with love. leveraging http request smuggling and cache poisoning via akamai and f5 bigip systems to redirect and steal sensitive data including authorization token…”
T1528 Steal Application Access Token (59%)
“##s in vbulletin. - cookieless duodrop : iis auth bypass & app pool privesc in asp. net framework bypassing iis authentication and impersonating parent application pool identities in asp. net using double cookieless pattern. - hunting for nginx alias traversals in the wild levera…”
T1588.006 Vulnerabilities (57%)
“top 10 web hacking techniques of 2023 - nominations open research academy my account customers about blog careers legal contact resellers attack surface visibility improve security posture, prioritize manual testing, free up time. ci - driven scanning more proactive security - fi…”
T1190 Exploit Public-Facing Application (56%)
“- handling paths. - code vulnerabilities put skiff emails at riskr bypassing skiff ' s html sanitization to achieve xss and steal decrypted emails. - how to break saml if i have paws? attacking saml implementations through xml signature wrapping, plaintext injections, signature e…”
T1068 Exploitation for Privilege Escalation (50%)
“sanitization bypass within metamask snaps environment. - uncovering a crazy privilege escalation from chrome extensions escalation to arbitrary code execution via chrome : / / url xss and filesystem : protocol abuse in chrome extensions on chromeos. - code vulnerabilities put pro…”
T1190 Exploit Public-Facing Application (40%)
“portswiggerres or @ albinowax @ infosec. exchange. i ' ve made a few nominations myself to get things started, and i ' ll update this list with fresh community nominations every few days. in the spirit of excessive automation, i ' ve included ai - assisted summaries of each entry…”
T1210 Exploitation of Remote Services (36%)
“for. pth files to gain arbitrary code execution via limited file write vulnerability. - from akamai to f5 to ntlm... with love. leveraging http request smuggling and cache poisoning via akamai and f5 bigip systems to redirect and steal sensitive data including authorization token…”
T1195.001 Compromise Software Dependencies and Development Tools (31%)
“meta tag for potential phishing, bypassing strict csp with no effective xss. - azure b2c crypto misuse and account compromise extracting public rsa keys to craft valid oauth refresh tokens and compromise azure ad b2c user accounts. - compromising f5 bigip with request smuggling e…”
Summary
Update: The results are in! Check out the final top ten here or scroll down to view all nominations. Over the last year, numerous security researchers have shared their discoveries with the community t