Cullinan
Cullinan is wiki of offensive security
HAHWUL
Security engineer, Developer and H4cker
Phoenix
Phoenix is online tools for me
Ways to XSS without parentheses
IntroductionYesterday, [@garethheyes] shared a very useful technique. It's a metho...
Find S3 bucket takeover , S3 Misconfiguration using pipelining(s3reverse/meg/gf/s3scanner)
Hi hackers! Today, i'm going to talk about easy-to-find methods using S3 Bucket ta...
Recon with waybackmachine. For BugBounty!
I'm busy with work these days, so I think I'm writing in two weeks. (Actually, I c...
Using the Flat Darcula theme(dark mode) in ZAP!!(dev version)
Today I just saw a nice tweet from Simon.It was about ZAP's Dark Mode support. I d...
Find testing point using tomnomnom's tool, for bugbounty!
I recently watched a video that looked for inspection points in a unique way from ...
XSpear 1.4 Released! Find XSS! (Supported HTML report now!)
Hi Hackers and Bugbounty hunters!I planned XSpear for version 1.4 by February and ...
First new XSS Payload of 2020(svg animate, onpointerrawupdate)
Hi hackers and bugbounty hunter!Recently, two previously unknown XSS Payloads were...
BurpSuite 2020.01 Release Review, Change HTTP Message Editor!
The first release of Burp 2020.01 was released recently. I think end of last year,...
Metasploit의 목소리가 궁금하다면 "sounds" 플러그인!
새벽에 심심해서 Metasploit 가지고 놀던 중 의외의 이름의 플러그인 하나를 발견했습니다. Sound???? 사운드 관련된 기능을 테스트하는 ...