Abdulrhman Alqabandi

@Qab

Browser security enthusiast

Vrijeme pridruživanja: kolovoz 2008.

Tweetovi

Blokirali ste korisnika/cu @Qab

Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @Qab

  1. Prikvačeni tweet
    24. pro 2019.

    Writeup on how I made $40,000 breaking the new Chromium Edge using essentially two XSS flaws.

    Poništi
  2. proslijedio/la je Tweet
    27. sij

    Did you know that the address '<a@b.com>c@d.com' when given to SES will send an email to a@b.com? this could lead to interesting exploit scenarios with some email parsing libraries/code

    Poništi
  3. 14. sij

    Eyy my latest writeup on Chromium Edge was nominated JIT. An honor!

    Poništi
  4. proslijedio/la je Tweet
    9. sij

    I'm very excited to share my blogpost series (including PoC code) about a remote, interactionless iPhone exploit over iMessage:

    Prikaži ovu nit
    Poništi
  5. proslijedio/la je Tweet
    8. sij
    Prikaži ovu nit
    Poništi
  6. proslijedio/la je Tweet
    27. pro 2019.

    My "simple" XSS challenge is over! Once again congratz to and for solving it! But also to everyone else that tried their best. Have you found all 11 vulnerabilities? 💪

    Poništi
  7. proslijedio/la je Tweet
    21. pro 2019.

    New writeup, one of my favorite bugs 🤠 - Filling in the Blanks: Exploiting Null Byte Buffer Overflow for a $40,000 Bounty Featuring...

    Poništi
  8. proslijedio/la je Tweet
    17. pro 2019.

    Security firm CheckPoint discovered a WhatsApp issue that meant an attacker could send a specific group message and crash the app. Okay, fair enough. But the framing was... just a little bit over the top. We didn't cover. Accurately informing users clearly not the motivation.

    Prikaži ovu nit
    Poništi
  9. proslijedio/la je Tweet

    We are looking for a web vulnerability researcher to join the PortSwigger research team.

    Poništi
  10. proslijedio/la je Tweet
    10. pro 2019.

    Just blogged CVE-2019-17003, If you scan random QR codes here is a thing for you.

    Poništi
  11. proslijedio/la je Tweet
    Poništi
  12. proslijedio/la je Tweet
    6. pro 2019.

    Hello Twitter people. My team is organizing a great CTF in two weeks. I prepared some WEB challenges for you, so I cannot imagine not seeing you there! Some of you have asked how you can gain skills in the security field and this is it, try us :) Retweets more than appreciated.

    Poništi
  13. proslijedio/la je Tweet
    27. stu 2019.

    Do you love design issues, memory corruption, or IPC/sandbox in the browser? Let’s work together to find bugs in Edge and Chromium :)

    Poništi
  14. proslijedio/la je Tweet
    19. stu 2019.

    I presented about Site Isolation in Google's event called 🙂 / "The world of Site Isolation and compromised renderer" Slide: Video:

    Prikaži ovu nit
    Poništi
  15. proslijedio/la je Tweet
    18. stu 2019.

    Here’s probably my favorite XSS of this year :) This is why we love legacy browser features like DOM Clobbering ;)

    Poništi
  16. proslijedio/la je Tweet
    16. stu 2019.

    Chrome, Edge, Safari hacked at Tianfu Cup, China's elite hacking competition - (old) Edge hacked 3 times - Chrome twice - Safari once - Office 365 hacked in 16 seconds - 32 sessions announced: 13 successful, 7 failed, 12 abandoned

    Prikaži ovu nit
    Poništi
  17. proslijedio/la je Tweet

    Frameset onpageshow vector <frameset onpageshow=alert(1)> by added to the XSS cheat sheet

    Poništi
  18. 9. stu 2019.

    CVE-2019-1356 - Microsoft Edge (EdgeHTML) Local file disclosure + EoP write up

    Poništi
  19. proslijedio/la je Tweet
    6. stu 2019.

    It's .NET Remoting story time, this week the case of the missing URI header and it's usefulness for a generic exploit payload. . Note, I might have gone overboard with the prose, sorry about that.

    Poništi
  20. proslijedio/la je Tweet
    3. stu 2019.

    "Mix and match to bypass the same-origin policy" by

    Poništi

Čini se da učitavanje traje već neko vrijeme.

Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.

    Možda bi vam se svidjelo i ovo:

    ·