AmirMohammad Safari (@amirmsafari)'s Twitter Profile

AmirMohammad Safari
@amirmsafari

Application security and automation fanatic. Passionate about all things tech and exploring new ways to stay secure.

ID: 1384456782177779713
Website: https://voorivex.team
Joined: 20-04-2021 10:40:14

88 Tweets
6,6K Followers
371 Following

Hossein Maktoobian (@hmakdev):

This challenge is vulnerable in several ways. Here are two of them:

1. According to RFC 3966, an ISDN-Subaddress can follow the phone number.

2. The library implementation also allows additional phone number ranges such as "x12/x34" after the phone number.
YS (@yshahinzadeh):

[white box challenge]
Can you convert the Self-XSS into a 1-click ATO? This challenge is based on a real-world bug, a semi-novel way to exploit Self-XSS. The challenge objective is to steal the admin's API key. Give it a shot:

github.com/VoorivexTeam/w…

online instance: canyoucatch [.] me
AmirMohammad Safari (@amirmsafari):

Awesome technique by slonser (@slonser_)! With this method, you can leak sensitive data using just an 'img' tag, even if the target uses DOMPurify and CSS data exfiltration is not possible.
YS (@yshahinzadeh):

He's from Google security and it seems it's a 0day flaw. Start finding ATOs before it gets patched; too many sites out there are vulnerable, we have already found some in the few recent days :]
AmirMohammad Safari (@amirmsafari):

We've created a lab to demonstrate how an OAuth token can be leaked using a referrer policy override. Check out the article and try the lab here: github.com/VoorivexTeam/w…

Ben Sadeghipour (@nahamsec):

🎉 NahamCon is just around the corner! Join us for FREE on May 22-23:
📅 Day 1 (May 22): AI Track
📅 Day 2 (May 23): Bug Bounty, Recon, Web App

Thanks to our amazing sponsors for making this possible! No tickets needed - watch #NahamCon2025 live at twitch.tv/nahamsec
AmirMohammad Safari (@amirmsafari):

Google fixed the Referrer Policy override technique in under 10 days. During that window, I found the latest version of DOMPurify on a public HackerOne program, used the trick to demonstrate impact and exploit the OAuth flow, and earned a ~$4K bounty :D
Omid Rezaei (@omidxrz):

YS (@YShahinzadeh) and I created two postMessage challenges based on real-world cases; it's commonly used by developers to secure postMessages.
This is the first one, can you exploit it?
Ben Sadeghipour (@nahamsec):

⏳ We're just 48 hours away from the return of #NahamCon2025!

Get ready for two full days of talks on:
🤖 Hacking AI
🛠️ Hacking with AI
🔍 Recon
🌐 Web Hacking
💸 Bug Bounty & more
📆 May 22-23

Watch live on Twitch.tv/NahamSec
Ben Sadeghipour (@nahamsec):

What do you get when you mix punycode and 0-click account takeover?
A talk you absolutely don't want to miss.
@yshahinzadeh & @amirmsafari are teaming up at #NahamCon2025 to walk you through a wild exploit chain 🔥

🗓️ May 23
📍 nahamcon.com
Omid Rezaei (@omidxrz):

What a presentation by AmirMohammad Safari and YS at NahamCon 2025 (Ben Sadeghipour)! Really cool and useful research; I was able to report several criticals thanks to this novel research.

YS (@yshahinzadeh):

Been using this technique to bypass many WAFs. Open the console in the vulnerable page and run this code to extract variables referring to the window object:

for(let x in window)if(window[x]===window)console.log(x);

then leverage it to execute JS functions, happy hunting :]
AmirMohammad Safari (@amirmsafari):

In our NahamCon talk, we demonstrated how punycode email addresses can impact OAuth implementations. MySQL + GitLab OAuth by default can lead to zero-click account takeover. 🔐 Check out the demo app here: github.com/VoorivexTeam/w…