漏洞报告【QIWI 】#1224008 Account Takeover through registration to the same email address https://hackerone.com/reports/1224008 【Semrush】php的信息文件和sql备份文件泄露 https://hackerone.com/reports/1358249 【U.S. General Services Administration】授权不当导致所有注册用户数据泄露 https://hackerone.com/reports/1175980 【8x8】 Kubernetes 信息泄露 https://hackerone.com/reports/1418101 挖洞技巧在两分钟内绕过登录页面 https://aravind07.medium.com/bypassing-login-page-in-2-mins-5b773d46f4d Ubuntu 桌面漏洞利用 | Pwn2Own 本地特权类别升级 | 平安全 https://flatt.tech/reports/210401_pwn2own/ 鲜为人知的 Python 错误和容器学习路径 - Intigriti https://blog.intigriti.com/2021/12/08/bug-bytes-150-cms-wordlists-lesser-known-python-bugs-containers-learning-path/ 通过Exif数据远程代码执行 https://infosecwriteups.com/remote-code-execution-via-exif-data-12f7d3cee827 挖洞工具通过SSRF利用NFS服务器 https://r0.haxors.org/posts?id=27

bugbounty技巧聚合20211209

【QIWI 】#1224008 Account Takeover through registration to the same email address
https://hackerone.com/reports/1224008
【Semrush】php的信息文件和sql备份文件泄露
https://hackerone.com/reports/1358249
【U.S. General Services Administration】授权不当导致所有注册用户数据泄露
https://hackerone.com/reports/1175980
【8x8】 Kubernetes 信息泄露
https://hackerone.com/reports/1418101

在两分钟内绕过登录页面
https://aravind07.medium.com/bypassing-login-page-in-2-mins-5b773d46f4d
Ubuntu 桌面漏洞利用 | Pwn2Own 本地特权类别升级 | 平安全
https://flatt.tech/reports/210401_pwn2own/
鲜为人知的 Python 错误和容器学习路径 - Intigriti
https://blog.intigriti.com/2021/12/08/bug-bytes-150-cms-wordlists-lesser-known-python-bugs-containers-learning-path/
通过Exif数据远程代码执行
https://infosecwriteups.com/remote-code-execution-via-exif-data-12f7d3cee827