pentestercrab
- Karma
- 0
- Created
- ()
- Submissions
- 0
-
https://archive.ph/Rq5bw
- Ruby Array Pack Bleed (nastystereo.com)
- Ruby Array Pack Bleed – Impacts Ruby 1.6.7 to 4.0.0 (nastystereo.com)
- Inline Style Exfiltration: leaking data with chained CSS conditionals (portswigger.net)
- Marshal madness: A brief history of Ruby deserialization exploits (blog.trailofbits.com)
- Escaping Ruby's Gem:SafeMarshal Sandbox (nastystereo.com)
- Escaping Ruby's Gem:SafeMarshal Sandbox (nastystereo.com)
- CORS Vulnerabilities in Go: Vulnerable Patterns and Lessons (pentesterlab.com)
- Shiny Vulnerabilities in R's Most Popular Web Framework (nastystereo.com)
- Cross-Site Post Requests Without a Content-Type Header – CSRF Attack (nastystereo.com)
- JWT Libraries Block Algorithm Confusion: Key Lessons for Code Review (pentesterlab.com)
- Chosen-Prefix Collisions on AES-Like Hashing (eprint.iacr.org)
- Ruby 3.4 Universal RCE Deserialization Gadget Chain (nastystereo.com)
- Ruby's String Slice is Broken (nastystereo.com)
- Evaluate Markdown code blocks within Vim (github.com)
- SQL Injection Polyglot Payloads (nastystereo.com)
- nastystereo.com (nastystereo.com)