Скачать с ютуб News, Tools, and Writeups (Ep. 88) в хорошем качестве

News, Tools, and Writeups (Ep. 88)

Episode 88: In this episode of Critical Thinking - Bug Bounty Podcast Justin and Joel tackle a whole slate of new research including a new cheat sheet for URL validation bypass from Portswigger, the introduction of Sanic DNS as a high-speed DNS resolver, xsstools, and the Dockerization of Orange Confusion Attacks. Follow us on twitter at:   / ctbbpodcast   We're new to this podcasting thing, so feel free to send us any feedback here: [email protected] Shoutout to   / realytcracker   for the awesome intro music! ====== Links ====== Find the Hackernotes: https://blog.criticalthinkingpodcast.io/ Follow your hosts Rhynorater & Teknogeek on twitter:   / 0xteknogeek     / rhynorater   ====== Ways to Support CTBBPodcast ====== Hop on the CTBB Discord at https://ctbb.show/discord! We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc. Shop our new swag store at http://ctbb.show/swag Resources: URL Validation Bypass cheat sheet https://x.com/PortSwiggerRes/status/1... SanicDNS https://x.com/smiegles/status/1825461... Orange Confusion Attacks https://x.com/har1sec/status/18276833... WordPress GiveWP POP to RCE https://x.com/MrTuxracer/status/18281... Xsstools https://github.com/yeswehack/xsstools Bypassing browser tracking protection https://swarm.ptsecurity.com/bypassin... Advanced iframe Magic https://blog.huli.tw/2024/09/07/en/id... DOM Clobbering https://www.ruhrsec.de/downloads/slid... And https://domclob.xyz/domc_payload_gene... Timestamps: (00:00:00) Introduction (00:02:00) URL validation bypass (00:07:41) SanicDNS and Orange confusion attacks (00:20:06) WordPress GiveWP POP to RCE (00:31:29) Xsstools (00:43:56) Bypassing browser tracking protection (00:52:06) DOM Clobbering and mixing up your approach