Sp1d3R – Sp1d3R's security blog

Sp1d3R – Sp1d3R's security blog / "I accidentally broke it." Sat, 23 Apr 2022 21:51:37 +0000 en-US hourly 1 https://wordpress.org/?v=6.4.2 Tricky out-of-band RCE via Java EL injection /out-of-band-rce-via-el-injection/ Sat, 27 Jul 2019 14:57:52 +0000 https://xpoc.pro/?p=281 … →]]> OAuth authentication bypass on Airbnb acquisition using 1-char Open Redirect /oauth-authentication-bypass-on-airbnb-acquisition-using-weird-1-char-open-redirect/ Wed, 10 Jul 2019 13:16:35 +0000 https://xpoc.pro/?p=190 Improving your success as bug bounty hunter /improving-your-success-as-security-researcher-and-bug-bounty-hunter/ Tue, 28 Nov 2017 13:21:14 +0000 https://xpoc.pro/?p=177 … →]]> How the bug on the CloudFlare «Always Online» page could lead to Unvalidated Redirect on the any site including hacker.one /how-the-bug-on-the-cloudflare-always-online-page-could-lead-to-unvalidated-redirect-on-the-any-site-including-hackerone/ Thu, 23 Nov 2017 14:53:37 +0000 https://xpoc.pro/?p=157 … →]]> One more way to exploit a Stored Self-XSS /turning-stored-self-xss/ Tue, 14 Nov 2017 16:43:58 +0000 https://xpoc.pro/?p=101 … →]]> How Access Control issue in the Facebook game turned me from the dev to the security researcher /how-idor-in-the-facebook-game-turned-me-from-the-dev-to-the-security-researcher/ Sat, 11 Nov 2017 16:45:22 +0000 https://xpoc.pro/?p=56 … →]]>