Security Research


Tools Discussion: Chat about tools that are new to you or new to the world. Discuss what works, what doesn't, how things could improve, etc. Tool Talk. Tool Time.
Proof of Concepts: As someone wise once said, "POC or GTFO". Share your favorite security write-ups and POCs with the community. Share your POCs, share others'. Discuss them here.

Researcher Resources - How to become a Bug Bounty Hunter [Security Research] (24)
Researcher Resources - Getting Started [Security Research] (12)
Researcher Resources - Tutorials [Security Research] (9)
Researcher Resources - Bounty Bug Write-ups [Security Research] (2)
Researcher Resources: Thick Client Focused [Security Research] (3)
Researcher Resources: Mobile Focused [Security Research] (3)
Is this considered directory traversal? [Security Research] (3)
Free hacking books [Security Research] (2)
Best way to get into RCE XXE SSRF? [Security Research] (3)
Researcher Resources - Tools [Tools Discussion] (44)
Writing a bug report - Attack Scenario and Impact are key! [Security Research] (4)
How To trigger JS execution on 302 page [Proof of Concepts] (6)
Help Gaining XXE in Spring Boot Mobile Application API [Security Research] (4)
Any Idea to Trigger Execution of JavaScript in rel Tag [Security Research] (3)
Link rel=canonical XSS exploitation [Security Research] (4)
Application Security Engineer [Security Research] (1)
Instrumenting Android Applications with Frida [Tools Discussion] (1)
Is it common for bug bounty hunters to use exploits found in one site, on other sites? [Security Research] (4)
Keeping track of how companies respond to bug reports [Security Research] (14)
? - Help/Input - BwAPP – Medium Security SQLi Practice -? [Security Research] (1)
Symantec Data loss prevention (DLP) Policy Bypass [Security Research] (1)
XSS in Search bar [Security Research] (3)
Share a link to your security blog [Security Research] (16)
XXE clarification [Security Research] (4)
Dom based XSS question [Proof of Concepts] (7)
Hunting XXE For Fun And Profit [Security Research] (9)
Any idea on how someone would exploit this? (CSRF Bypass) [Security Research] (3)
Can I still report Rosetta Flash? [Security Research] (4)
Hash sign wrecking my XSS payload. How to exploit? [Security Research] (2)
A DB handling horror story by @FogMarks & some security guidelines [Security Research] (1)