List of all Bugs

#m@n@n🕊️:
SQL Injection Attack
Hibernate Query Language Injection
Direct OS Code Injection
XML Entity Injection
Broken Authentication and Session Management
Cross-Site Scripting (XSS)
Insecure Direct Object References
Security Misconfiguration
Sensitive Data Exposure
Missing Function Level Access Control
Cross-Site Request Forgery (CSRF)
Using Components with Known Vulnerabilities
Unvalidated Redirects and Forwards 
Cross Site Scripting Attacks
Clickjacking Attacks
DNS Cache Poisoning
Symlinking – An Insider Attack
Cross Site Request Forgery Attacks
Remote Code Execution Attacks
Remote File Inclusion
Local File Inclusion
Evercookie
Denial of Service Attack
Hacking Auto-Complete (Safari v1, Safari v2 TabHack, Firefox, Internet Explorer)
Cookie Eviction
Converting unimplementable Cookie-based XSS to a persistent attack
phpwn: Attack on PHP sessions and random numbers
NAT Pinning: Penetrating routers and firewalls from a web page (forcing router to port forward)
Mapping a web browser to GPS coordinates via router XSS + Google Location Services without prompting the user
XSHM Mark 2
MitM DNS Rebinding SSL/TLS Wildcards and XSS
Using Cookies For Selective DoS and State Detection
Quick Proxy Detection
Flash Camera and Mic Remember Function and XSS
Improving HTTPS Side Channel Attacks
Side Channel Attacks in SSL
Turning XSS into Clickjacking
Bypassing CSRF protections with ClickJacking and HTTP Parameter Pollution
CSS History Hack In Firefox Without JavaScript for Intranet Portscanning
Popup & Focus URL Hijacking
Hacking Facebook with HTML5
Stealing entire Auto-Complete data in Google Chrome
Chrome and Safari users open to stealth HTML5 AppCache attack
DNS Rebinding on Java Applets
Strokejacking
The curse of inverse strokejacking
Re-visiting JAVA De-serialization
Fooling B64_Encode(Payload) on WAFs and filters
MySQL Stacked Queries with SQL Injection...sort of
A Twitter DomXss, a wrong fix and something more
Get Internal Network Information with Java Applets
Java DNS Rebinding + Java Same IP Policy = The Internet Mayhem
Java Applet Same IP Host Access
ASP.NET 'Padding Oracle' Crypto Attack
Posting raw XML cross-domain
Generic cross-browser cross-domain theft
One vector to rule them all
HTTP POST DoS
Penetrating Intranets through Adobe Flex Applications
No Alnum JavaScript (cheat sheet, jjencode demo)
Attacking HTTPS with Cache Injection
Tapjacking: owning smartphone browsers
Breaking into a WPA network with a webpage
XSS-Track: How to quietly track a whole website through single XSS
Next Generation Clickjacking
XSSing client-side dynamic HTML includes by hiding HTML inside images and more
Stroke triggered XSS and StrokeJacking
Internal Port Scanning via Crystal Reports
Lost in Translation (ASP's HomoXSSuality)
Cross Site URL Hijacking by using Error Object in Mozilla Firefox
JavaSnoop
IIS5.1 Directory Authentication Bypass by using ":$I30:$Index_Allocation"
Universal XSS in IE8
padding oracle web attack (poet, Padbuster, demo)
IIS6/ASP & file upload for fun and profit
Google Chrome HTTP AUTH Dialog Spoofing through Realm Manipulation
NoScript Bypass - "Reflective XSS" through Union SQL Poisoning Trick
Persistent Cross Interface Attacks
Port Scanning with HTML5 and JS-Recon
Performing DDoS attacks with HTML5 Cross Origin Requests & WebWorkers
Cracking hashes in the JavaScript cloud with Ravan
Stored XSS Vulnerability @ Amazon
Poisoning proxy caches using Java/Flash/Web Sockets
How to Conceal XSS Injection in HTML5
Expanding the Attack Surface
Chronofeit Phishing
Non-Obvious (Crypto) Bugs by Example
SQLi filter evasion cheat sheet (MySQL)
Tabnabbing: A New Type of Phishing Attack
UI Redressing: Attacks and Countermeasures Revisited
Cookie Poisoning
Pwning via SSRF 
Chrome addon hacking
Bruteforce of PHPSESSID
Blended Threats and JavaScript
Cross-Site Port Attacks
Permanent backdooring of HTML5 client-side application
CAPTCHA Re-Riding Attack
XSS: Gaining access to HttpOnly Cookie in 2012
Attacking OData: HTTP Verb Tunneling, Navigation Properties for Additional Data Access, System Query Options ($select)
HTTP Parameter Pollution
URL Hijacking
