all InfoSec news
183 - CSS Injection and a Google Cloud Project Takeover Bug [Bug Bounty Podcast]
Jan. 31, 2023, 9 p.m. | DAY[0]
DAY[0] www.youtube.com
Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/183.html
[00:00:00] Introduction
[00:00:22] Unleashing the power of CSS injection: The access key to an internal API
[00:06:50] MyBB Remote Code Execution Chain
[00:18:53] Client-Side SSRF to Google Cloud Project Takeover [Google VRP] …
access api auth bounty bug bug bounty client client-side cloud code code execution code injection css disclosures end exploit google google cloud injection internal introduction key mybb podcast power project remote code remote code execution server ssrf takeover token xss
More from www.youtube.com / DAY[0]
253 - A Retrospective and Future Look Into DAY[0]
2 weeks, 1 day ago |
www.youtube.com
245 - A PHP and Joomla Bug and some DOM Clobbering [Bug Bounty Podcast]
2 months, 1 week ago |
www.youtube.com
Jobs in InfoSec / Cybersecurity
Lead Security Specialist
@ Fujifilm | Holly Springs, NC, United States
Security Operations Centre Analyst
@ Deliveroo | Hyderabad, India (Main Office)
CISOC Analyst
@ KCB Group | Kenya
Lead Security Engineer – Red Team/Offensive Security
@ FICO | Work from Home, United States
Cloud Security SME
@ Maveris | Washington, District of Columbia, United States - Remote
SOC Analyst (m/w/d)
@ Bausparkasse Schwäbisch Hall | Schwäbisch Hall, DE