-
Communications via https would be beneficial.
Jetty and Karaf are fully capable of supporting HTTPs; sorting out SSL certificates without requiring anything of the casual user could require some ca…
-
### Page(s)
https://playwright.dev/docs/browsers#install-browsers
### Description
The organization I work for is currently in the process of evaluating Playwright. Part of this process is a risk as…
-
I've come across a CNAME pointing to a .exacttarget.com.edgekey.net domain that I believe might be vulnerable to subdomain takeover. How does one register a such domain?
JeppW updated
3 weeks ago
-
Recon/OSINT tools usually involve a lot more than just Hosts/IP/Subdomains
I'd consider including:
- Email Address
- Examples:
- Sites found with address
- PGP keys
- URL
…
-
There have been a few subdomains that I've come across now that look like this:
`Server: AkamaiGHost`
and the page will say:
Invalid URL
The requested URL "[no URL]", is invalid.
As far as I ca…
-
### Nuclei Version:
3.3.0
### Template file:
`/http/takeovers/github-takeover.yaml`
### Command to reproduce:
`nuclei -u -id github-takeover`
It appears that the "word" ma…
-
## Shopify
## Proof
https://hackerone.com/reports/416474
## Documentation
Not Only FingerPrint `Sorry, this shop is currently unavailable.`
New FingerPrint that I've found in my report `Now …
-
Metabigor is Intelligence tool, its goal is to do OSINT tasks and more but without any API key.
- [ ] https://github.com/elceef/dnstwist
- [ ] https://github.com/TaurusOmar/reconbulk
- [ ] https://git…
h701h updated
3 weeks ago
-
Web application integrating external services must be tested for well-known vulnerabilities caused by misconfigurations.
- Amazon AWS bucket service: ...
- Social media profile link validation: ..…
-
## Vulnerability Details :
A subdomain takeover occurs when an attacker gains control over a subdomain of a target domain. Typically, this happens when the subdomain has a canonical name ([CNAME](ht…