【Localize 50刀】文档名处的存储xss
https://hackerone.com/reports/1321407
【Tor】Tor Browser using --log or --verbose logs the exact connection time a client connects to any v2 domains.
https://hackerone.com/reports/1250273
【IBB 2000刀】CVE-2021-3711: SM2 decrypt buffer overflow
https://hackerone.com/reports/1352429
业务逻辑漏洞测试技巧
https://docs.google.com/presentation/d/1IOw1CVKw15ZW0fUUot0j5eUIepE_NGBybWf92Y9AtMg
Visual studio开发扩展插件里的远程命令执行
https://www.shielder.it/advisories/remote-command-execution-in-visual-studio-code-remote-development-extension/
Bug Bytes 139期
https://blog.intigriti.com/2021/09/22/bug-bytes-139-omigod-code-review-guides-a-bug-hunters-five-year-journey/
双要素绕过tips
https://medium.com/@mazoka777/two-factor-authentication-bypass-4c814627f8c3
