Tuan Anh Nguyen 🇻🇳
@haxor31337
28 y/o Bug Bounty Hunter and Red Teamer at Viettel Cyber Security.
Brand Ambassador @Hacker0x01 - Researcher Spotlight @Bugcrowd
ID: 1018903932
18-12-2012 03:38:40
2,2K Tweets
13,13K Followers
2,2K Following
In our latest blog, we spoke with hacker Juan Francisco Bolívar about his recent discovery of an impactful GraphQL vulnerability in an e-commerce application API. See how he says other organizations can avoid this bug: bit.ly/46utux2 What have you hacked recently? 🤔
Thrilled to release my latest research on Apache HTTP Server, revealing several architectural issues! blog.orange.tw/2024/08/confus… Highlights include: ⚡ Escaping from DocumentRoot to System Root ⚡ Bypassing built-in ACL/Auth with just a '?' ⚡ Turning XSS into RCE with legacy code
This was the last thing I found / worked on while still at Tenable. A fun SSRF via Microsoft Copilot Studio leading to a critical info disclosure (CVE-2024-38206). Thanks to Jimi Sebree and the team for helping get this one out. tenable.com/blog/ssrfing-t…
Here's my x-correlation/json-injection research also in writing, thank you Critical Thinking - Bug Bounty Podcast! blog.criticalthinkingpodcast.io/p/hackernotes-…