Full account takeover through referral code https://hector0x.medium.com/broken-authentication-through-referral-code-25cd0e8bccc2
SecurityMB's October 2021 Prototype Pollution Challenge https://www.creastery.com/blog/securitymb-october-2021-prototype-pollution-challenge/
Multiple Concrete CMS vulnerabilities ( part1 – RCE ) https://www.fortbridge.co.uk/research/multiple-vulnerabilities-in-concrete-cms-part1-rce/
Subdomain Enumeration Guide 2021 https://sidxparab.gitbook.io/subdomain-enumeration-guide/
小工具 https://command-not-found.com
