Verified Domain Ownership. Every domain on sale on DropCatch.ai has their ownership verified by Premium Domain Names S.L. Secure Payments by Stripe. Payments are handled via Stripe.com. We never store your private payment information and the seller does not get paid until after the domain has been transferred to you. Protected by EU Consumer Rights. We are an EU-based company and we take pride in
The integrated signal for extended detection and response (XDR). Detect – Prioritize – Investigate – Respond
In this post I will explain the Same-Origin policy bypass (CVE-2015-7188) in Firefox I reported to Mozilla last year. The root cause of that issue was a minor nuance in IP address parsing in some of the most popular OS-es. The final working exploit, however, additionally needed Flash installed and activated on the victim's machine. Another limitation was that it only worked with the http protocol. Howev
In this article, I will describe three XSS-es I reported to Google VRP this year. All of them were possible thanks to Google Caja's sandbox escape. Introduction At the beginning of this year, I chose Google Docs as my bug bounty target. In Google Docs you can create scripts using Google Apps Script which are roughly equivalent to Microsoft Office's macros. The scripts are programmed in JavaScript.
Hi, everyone! In this article I will continue to publish my research of Lenovo ThinkPad’s firmware. Previously I showed how to discover and exploit SMM callout vulnerabilities on the example of the SystemSmmAhciAspiLegacyRt UEFI driver 1day vulnerability. Also, I introduced a small toolkit called fwexpl that provides an API for comfortable development of firmware exploits for the Windows platform. My previous Len
English version: http://mksben.l0.cm/2016/05/xssauditor-bypass-flash-basetag.html ------------------------------------- This is the segment, familiar on this blog, on bypassing browsers' XSS protection features. This time we bypass Chrome's XSS Auditor rather than IE. A few days ago, Mario noticed that an Auditor bypass he had discovered had been fixed and was looking for a new bypass, so I joined the search and found one. The one Mario newly found is here. XSS Auditor Bypasses 05.2016 https://t.co/c9UcjpDZZM (someone asked for PoC and test-case, here you