Hacker Newsnew | past | comments | ask | show | jobs | submit | pentestercrab's submissionslogin
31.
PHP Development Server <= 7.4.21 – Remote Source Disclosure (projectdiscovery.io)
1 point by pentestercrab on Jan 29, 2023 | past
32.
Viewing Secrecy Through “Blank Spots on the Map” (2009) (fas.org)
4 points by pentestercrab on Jan 22, 2023 | past
33.
The search for the “perfect” Advent Calendar (2018) (jgc.org)
1 point by pentestercrab on Dec 8, 2022 | past
34.
RCE via SSTI on Spring Boot Error Page with Akamai WAF Bypass (h1pmnh.github.io)
1 point by pentestercrab on Dec 7, 2022 | past
35.
Reverse Branch Target Buffer Poisoning – New ASLR Bypass via CPU Vulns [pdf] (cos.ufrj.br)
3 points by pentestercrab on Nov 4, 2022 | past
36.
The latest OpenSSL vulns were added fairly recently (twitter.com/hanno)
179 points by pentestercrab on Nov 2, 2022 | past | 73 comments
37.
Ask HN: How are you, a dev/programmer, preparing for climate change?
3 points by pentestercrab on Oct 12, 2022 | past | 2 comments
38.
It Pays to Be Circomspect (trailofbits.com)
3 points by pentestercrab on Sept 15, 2022 | past | 1 comment
39.
Attacking Firecracker: AWS' MicroVM Monitor Written in Rust (graplsecurity.com)
212 points by pentestercrab on Sept 8, 2022 | past | 29 comments
40.
Multiple vulnerabilities in Nuki smart locks (nccgroup.com)
3 points by pentestercrab on July 25, 2022 | past
41.
Golang Code Review Notes by Elttam (elttam.com)
2 points by pentestercrab on June 30, 2022 | past
42.
Notes on OpenSSL remote memory corruption by Guido Vranken (guidovranken.com)
85 points by pentestercrab on June 27, 2022 | past | 13 comments
43.
ESP-IDF Setup Guide – Setting up an environment for ESP32 vulnerability research (elttam.com)
2 points by pentestercrab on June 6, 2022 | past
44.
Round Two: An Updated Universal Deserialisation Gadget for Ruby 2.x-3.x (devcraft.io)
1 point by pentestercrab on April 13, 2022 | past
45.
Git honours embedded bare repos and exploitation via core.fsmonitor (github.com/justinsteven)
1 point by pentestercrab on April 13, 2022 | past
46.
Ruby Deserialization Exploitation – New Gadget Chain for Ruby on Rails (github.com/httpvoid)
8 points by pentestercrab on March 29, 2022 | past
47.
Ask HN: Best Okta Alternative?
1 point by pentestercrab on March 23, 2022 | past | 2 comments
48.
Exploitation via Git embedded bare repos and core.fsmonitor, affects IDEs (github.com/justinsteven)
1 point by pentestercrab on March 18, 2022 | past
49.
Impossible color – Claimed evidence of ability to see colors not in color space (wikipedia.org)
2 points by pentestercrab on Jan 12, 2022 | past
50.
Bypass of allowedLdapHost check in Log4j 2.15.0 – Log4Shell (CVE-2021-44228) (twitter.com/marcioalm)
3 points by pentestercrab on Dec 17, 2021 | past | 1 comment
51.
The search for the “perfect” Advent Calendar (involves Python and Processing) (jgc.org)
1 point by pentestercrab on Dec 4, 2021 | past | 1 comment
52.
Data Exfiltration via CSS and SVG Font (l0.cm)
57 points by pentestercrab on Nov 29, 2021 | past | 10 comments
53.
The status of Ruby memory trimming and how you can help with testing (2019) (joyfulbikeshedding.com)
4 points by pentestercrab on Nov 19, 2021 | past
54.
FormatFuzzer: A framework for efficient and quality generation of binary inputs (uds-se.github.io)
3 points by pentestercrab on Oct 31, 2021 | past
55.
Ruby Universal RCE Deserialization Gadget Chain (2018) (elttam.com)
1 point by pentestercrab on Sept 28, 2021 | past
56.
Fail2ban – Remote Code Execution (securitum.com)
170 points by pentestercrab on Sept 28, 2021 | past | 63 comments
57.
Petrov Day 2021: Mutually Assured Destruction? (lesswrong.com)
4 points by pentestercrab on Sept 27, 2021 | past
58.
Home Assistant Amber (crowdsupply.com)
6 points by pentestercrab on Sept 16, 2021 | past
59.
GitHub Actions checkspelling community workflow GitHub_TOKEN leakage via symlink (github.com/justinsteven)
129 points by pentestercrab on Sept 9, 2021 | past | 35 comments
60.
Domino's iOS App Settings (twitter.com/cabel)
14 points by pentestercrab on Aug 13, 2021 | past

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: