Ricardo Iramar dos Santos

Results 23 issues of Ricardo Iramar dos Santos

Usually we see the Subdomain Takeover vulnerability affecting the front-end, but I think APIs can also be affected. For example, Apigee uses the same CNAME approach to set up an...

question

Microsoft says this is not an issue, but the way I see it this is a big mistake. Maybe you want to include it in your list. https://github.com/riramar/IE11xCORSxSOP > IE11 is...

javascript:alert(navigator.sendBeacon('//www.google.com',new Blob(['1'],{type:'any'}))) VM163:1 Uncaught DOMException: Failed to execute 'sendBeacon' on 'Navigator': sendBeacon() with a Blob whose type is not any of the CORS-safelisted values for the Content-Type request header is...

#### Problem Description I was using mitmdump.exe 7.0.4 for Windows with the example duplicate-modify-replay.py without any problems. After migrating to mitmdump.exe 8.0.0 I started to get the error below. ```...

kind/bug
area/core

I'm trying a simple test with tcpliveplay but it seems tcpliveplay doesn't handle TCP handshake properly. Let me describe the steps from my testing. 1. Logged as root on machine...

good first issue
shelved

Fix the warning below. ./h2csmuggler-proxy.py:49: DeprecationWarning: ssl.wrap_socket() is deprecated, use SSLContext.wrap_socket() retSock = ssl.wrap_socket(sock, ssl_version=ssl.PROTOCOL_TLS) Ref. https://docs.python.org/3/library/ssl.html#:~:text=Deprecated%20since%20version%203.7%3A%20Since%20Python%203.2%20and%202.7.9%2C%20it%20is%20recommended%20to%20use%20the%20SSLContext.wrap_socket()%20instead%20of%20wrap_socket().

Not sure why but for a few servers I'm getting the error below. ``` [INFO] Requesting - / Traceback (most recent call last): File "/home/ricardo/Tools/h2csmuggler/h2csmuggler.py", line 382, in init() File...

Default installation is not working. $ go get github.com/assetnote/commonspeak2 # github.com/assetnote/commonspeak2/command/deletedfiles go/src/github.com/assetnote/commonspeak2/command/deletedfiles/deleted.go:33:17: c.GlobalBool undefined (type *cli.Context has no field or method GlobalBool) go/src/github.com/assetnote/commonspeak2/command/deletedfiles/deleted.go:34:16: c.GlobalBool undefined (type *cli.Context has no field...

Hi @fotisl, Really nice talk at RECON BRUSSELS 2017! Thanks a lot for sharing knowledge with everybody. I'm trying to play a little bit with the exploit but I'm getting...

You can reproduce the issue with the commands below. I can see the results in DB but the text output file is blank. I'm assuming a lot of people are...