all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

187 - Top 2022 Web Hacking Techniques and a Binance Bug [Bug Bounty Podcast]

Add to bookmarks
Feb. 14, 2023, 9 p.m. | DAY[0]

DAY[0] www.youtube.com

Bit slow this week, so we talk about the Top Web-hacking techniques of 2022, and some TruffleSec/XSS Hunter drama before so we cover a blockchain verification bug, and a simple path traversal to SSTI and RCE chain.

Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/187.html

[00:00:00] Introduction
[00:00:32] Top 10 web hacking techniques of 2022
[00:06:30] TruffleSec/XSSHunter Drama
[00:15:33] Binance Smart Chain Token Bridge Hack
[00:24:01] Insecure path join to RCE via SSTI [CVE-2023-22855]
[00:29:06] Fearless CORS: …

binance blockchain bounty bridge bug bug bounty cve drama hack hacking hunter insecure introduction path path traversal podcast rce simple slow smart ssti techniques token top 10 verification web web hacking xss

Visit resource

More from www.youtube.com / DAY[0]

253 - A Retrospective and Future Look Into DAY[0] 1 week, 1 day ago | www.youtube.com
air bounty change future +5
252 - Bypassing KASLR and a FortiGate RCE [Binary Exploitation Podcast] 1 month ago | www.youtube.com
aslr binary binary exploitation bypass +23
251 - RCE'ing Mailspring and a .NET CRLF Injection [Bug Bounty Podcast] 1 month, 1 week ago | www.youtube.com
attack attack chain attacks bounty +16
Future of Exploit Development Follow-up (Episode 250) 1 month, 2 weeks ago | www.youtube.com
corruption development exploit exploit development +9
249 - libXPC to Root and Digital Lockpicking [Bug Bounty Podcast] 1 month, 2 weeks ago | www.youtube.com
android authentication authentication bypass bounty +22
248 - Binary Ninja Free and K-LEAK [Binary Exploitation Podcast] 1 month, 3 weeks ago | www.youtube.com
automated binary binary exploitation binary ninja +13
247 - Hacking Google AI and SAML [Bug Bounty Podcast] 1 month, 3 weeks ago | www.youtube.com
auth authentication authentication bypass automated +25
246 - Rust Memory Corruption??? [Binary Exploitation Podcast] 1 month, 4 weeks ago | www.youtube.com
access array binary binary exploitation +21
245 - A PHP and Joomla Bug and some DOM Clobbering [Bug Bounty Podcast] 2 months ago | www.youtube.com
api bounty bug bug bounty +20

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Cybersecurity Engineer

@ Booz Allen Hamilton | USA, VA, Arlington (1550 Crystal Dr Suite 300) non-client
View on infosec-jobs.com

Invoice Compliance Reviewer

@ AC Disaster Consulting | Fort Myers, Florida, United States - Remote
View on infosec-jobs.com

Technical Program Manager II - Compliance

@ Microsoft | Redmond, Washington, United States
View on infosec-jobs.com

Head of U.S. Threat Intelligence / Senior Manager for Threat Intelligence

@ Moonshot | Washington, District of Columbia, United States
View on infosec-jobs.com

Customer Engineer, Security, Public Sector

@ Google | Virginia, USA; Illinois, USA
View on infosec-jobs.com
View more jobs