SRT member @ozgur_bbh takes us through 5 unusual authentication bypass techniques he's found on assignments for customers. Check out our latest installment of Exploits Explained: hubs.ly/Q01nsLsn0
Synack Red Team
The power behind the @Synack platform is an elite team of the world's top cybersecurity researchers. Our best are honored at acropolis.synack.com
- Check out "From File Upload to RCE": A @SynackRedTeam member’s write-up on a finding during testing that demonstrates the importance of validating file extensions on uploaded file types. #infosec #cybersecurity #RCE #FileUpload
- Congratulations to the TWO newest Synack Red Team millionaires. You know who you are 😉
- Congratulations to Synack Red Team member @seanmeals for winning the #SynackTeslaChallenge! He has chosen to receive his award as $50,000 cash. Want to participate in Synack testing for your #bugbounty opportunity? Join the Synack Red Team! syn.ac/1Kb5LVO
- A Deep Dive into XXE Injection with Synack's Sr. Security Program Analyst Trent Gordon. In this blog, Trent explains how XXE works and how to exploit XXE vulnerabilities, then he walks through two real-world XXE attacks submitted by the Synack Red Team.
- Server-side request forgery (SSRF) cracked the OWASP top 10 vulns list for APIs this year, and for a good reason. SRT member @kuldeepdotexe details how he found four SSRF flaws on a small attack surface. Read more in this Exploits Explained → hubs.ly/Q01_ljZ80
- Oh, CVE-2021-44228? We solved that hours ago...☕️ 🔗syn.ac/3lWF1z4 #SynackRedTeam #SRT #log4j #log4jRCE
- .@ozgur_bbh, top #security researcher on the @SynackRedTeam and member of the #Synack Envoy, has earned $1 million on our platform! 🎊 To learn more about him and his #cybersecurity journey, we sat down with Özgür for an interview. Read it here: syn.ac/3gqblqx
- Oftentimes, resiliency pays off. @kuldeepdotexe shares his strategy for discovering a second order XXE. Read more about his thought process in this Exploits Explained → hubs.ly/Q01V-Kwc0
- While new authentication tools like single sign-on (SSO) have improved cyber across many orgs, it’s not impossible to find and exploit vulns. Synack Red Team member @ozgur_bbh covers five need-to-know bypass techniques in this previous Exploits Explained: hubs.ly/Q022ppRj0
- SRT member @niksthehacker takes us on an unbelievable journey of account takeovers. Seemingly complex, some of these techniques take one or two steps to complete a takeover. Read on: hubs.ly/Q01sHXhw0
- Wishing you a healthy, prosperous and #SynackSecure New Year! 🎉 What are your #hacker resolutions for 2021? Comment below... 👇




