multiphase-power.com Cross Site Scripting vulnerability OBB-3418326

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

How much does access to corporate infrastructure cost?

Division of labor Money has been and remains the main motivator for cybercriminals. The most widespread techniques of monetizing cyberattacks include selling stolen databases, extortion using ransomware and carding. However, there is demand on the dark web not only for data obtained through an...

Vanquish - Kali Linux based Enumeration Orchestrator

Vanquish is a Kali Linux based Enumeration Orchestrator built in Python. Vanquish leverages the opensource enumeration tools on Kali to perform multiple active information gathering phases. The results of each phase are fed into the next phase to identify vulnerabilities that could be leveraged f...

Session Race Conditions and Session Puzzling – Now Simplified

Session Race Conditions and Session Puzzling – Now Simplified A few months ago Shay Chen, Senior Manager at Hacktics Advanced Security Center HASC published a paper about Session Puzzling, a new application level attack vector of critical severity and numerous uses, but for some bizarre reasons,...