Security writeups from researchers for researchers

We scan, we hack, we write about it. New interesting vulnerabilities, attack techniques, tools and bug bounty tips.

Log in Subscribe

Home
About

XSS

Home Posts Tagged "XSS"

AWS S3 Bucket Takeover - how to find it and maximize impact?

AWS S3 Bucket Takeover - how to find it and maximize impact?

The impact of an AWS S3 Bucket Takeover can range from none, account takeover, and even up to RCE. In this article, we’ll tell you how to find it and maximize its impact

Greg

10 Jan 2024 · 6 min read

Hacking Swagger-UI - from XSS to account takeovers

Hacking Swagger-UI - from XSS to account takeovers

We have reported more than 60 instances of this bug across a wide range of bug bounty programs including companies like Paypal, Atlassian, Microsoft, GitLab, Yahoo, ...

Dawid Moczadło

16 May 2022 · 10 min read

© 2024 Vidoc Security Lab - blog. All rights reserved.