Soroush Dalili (@irsdl) – سروش

最新

1. MongoDB NoSQL Injection with Aggregation Pipelines Normal Posts ‧ Soroush Dalili
2. Cookieless DuoDrop: IIS Auth Bypass & App Pool Privesc in ASP.NET Framework (CVE-2023-36899 & CVE-2023-36560) My Advisories ‧ Soroush Dalili
3. Anchor Tag XSS Exploitation in Firefox with Target=”_blank” My Advisories ‧ Soroush Dalili
4. Thirteen Years On: Advancing the Understanding of IIS Short File Name (SFN) Disclosure! Security Posts ‧ Soroush Dalili
5. My MDSec Blog Posts so far in 2020/2021! My Advisories ‧ Soroush Dalili
6. File Upload Attack using XAMLX Files Security Posts ‧ Soroush Dalili
7. Uploading web.config for Fun and Profit 2 Security Posts ‧ Soroush Dalili
8. IIS Application vs. Folder Detection During Blackbox Testing Security Posts ‧ Soroush Dalili
9. Danger of Stealing Auto Generated .NET Machine Keys Security Posts ‧ Soroush Dalili
10. x-up-devcap-post-charset Header in ASP.NET to Bypass WAFs Again! Security Posts ‧ Soroush Dalili
11. Exploiting Deserialisation in ASP.NET via ViewState Security Posts ‧ Soroush Dalili
12. Yet Other Examples of Abusing CSRF in Logout Security Posts ‧ Soroush Dalili
13. How to win BIG and even more! Security Posts ‧ Soroush Dalili
14. Finding and Exploiting .NET Remoting over HTTP using Deserialisation Security Posts ‧ Soroush Dalili
15. More research on .NET deserialization My Advisories ‧ Soroush Dalili
16. Feel honoured to be there again after 8 years: Top 10 Web Hacking Techniques of 2017 Security Posts ‧ Soroush Dalili
17. Story of my two (but actually three) RCEs in SharePoint in 2018 Security Posts ‧ Soroush Dalili
18. ASP.NET resource files (.RESX) and deserialization issues My Advisories ‧ Soroush Dalili
19. MS 2018 Q4 – Top 5 Bounty Hunter for 2 RCEs in SharePoint Online My Advisories ‧ Soroush Dalili
20. WAF Bypass Techniques – Using HTTP Standard and Web Servers’ Behaviour Security Posts ‧ Soroush Dalili
更新于 14 分钟前

近期历史最近 100 条记录

2024-06-24 MongoDB NoSQL Injection with Aggregation Pipelines Normal Posts ‧ Soroush Dalili
2023-08-09 Cookieless DuoDrop: IIS Auth Bypass & App Pool Privesc in ASP.NET Framework (CVE-2023-36899 & CVE-2023-36560) My Advisories ‧ Soroush Dalili
2023-08-01 Anchor Tag XSS Exploitation in Firefox with Target=”_blank” My Advisories ‧ Soroush Dalili
2023-08-01 Thirteen Years On: Advancing the Understanding of IIS Short File Name (SFN) Disclosure! Security Posts ‧ Soroush Dalili
2023-07-21 My MDSec Blog Posts so far in 2020/2021! My Advisories ‧ Soroush Dalili
2023-07-21 File Upload Attack using XAMLX Files Security Posts ‧ Soroush Dalili
2023-07-21 Uploading web.config for Fun and Profit 2 Security Posts ‧ Soroush Dalili
2023-07-21 IIS Application vs. Folder Detection During Blackbox Testing Security Posts ‧ Soroush Dalili
2023-07-21 Danger of Stealing Auto Generated .NET Machine Keys Security Posts ‧ Soroush Dalili
2023-07-21 x-up-devcap-post-charset Header in ASP.NET to Bypass WAFs Again! Security Posts ‧ Soroush Dalili
2023-07-21 Exploiting Deserialisation in ASP.NET via ViewState Security Posts ‧ Soroush Dalili
2023-07-21 Yet Other Examples of Abusing CSRF in Logout Security Posts ‧ Soroush Dalili
2023-07-21 How to win BIG and even more! Security Posts ‧ Soroush Dalili
2023-07-21 Finding and Exploiting .NET Remoting over HTTP using Deserialisation Security Posts ‧ Soroush Dalili
2023-07-21 More research on .NET deserialization My Advisories ‧ Soroush Dalili
2023-07-21 Feel honoured to be there again after 8 years: Top 10 Web Hacking Techniques of 2017 Security Posts ‧ Soroush Dalili
2023-07-21 Story of my two (but actually three) RCEs in SharePoint in 2018 Security Posts ‧ Soroush Dalili
2023-07-21 ASP.NET resource files (.RESX) and deserialization issues My Advisories ‧ Soroush Dalili
2023-07-21 MS 2018 Q4 – Top 5 Bounty Hunter for 2 RCEs in SharePoint Online My Advisories ‧ Soroush Dalili
2023-07-21 WAF Bypass Techniques – Using HTTP Standard and Web Servers’ Behaviour Security Posts ‧ Soroush Dalili
2023-07-21 SMB hash hijacking & user tracking in MS Outlook My Advisories ‧ Soroush Dalili
2023-07-21 Bug Bounty vs Penetration Testing (Simple Unbiased Comparison) Security Posts ‧ Soroush Dalili
2023-07-21 Rare ASP.NET request validation bypass using request encoding My Advisories ‧ Soroush Dalili
2023-07-21 Additional notes on “A Forgotten HTTP Invisibility Cloak” talk! Security Posts ‧ Soroush Dalili
2023-06-01 My MDSec Blog Posts so far in 2020/2021! My Advisories ‧ Soroush Dalili
2023-06-01 File Upload Attack using XAMLX Files Security Posts ‧ Soroush Dalili
2023-06-01 Uploading web.config for Fun and Profit 2 Security Posts ‧ Soroush Dalili
2023-06-01 IIS Application vs. Folder Detection During Blackbox Testing Security Posts ‧ Soroush Dalili
2023-06-01 Danger of Stealing Auto Generated .NET Machine Keys Security Posts ‧ Soroush Dalili
2023-06-01 x-up-devcap-post-charset Header in ASP.NET to Bypass WAFs Again! Security Posts ‧ Soroush Dalili
2023-06-01 Exploiting Deserialisation in ASP.NET via ViewState Security Posts ‧ Soroush Dalili
2023-06-01 Yet Other Examples of Abusing CSRF in Logout Security Posts ‧ Soroush Dalili
2023-06-01 How to win BIG and even more! Security Posts ‧ Soroush Dalili
2023-06-01 Finding and Exploiting .NET Remoting over HTTP using Deserialisation Security Posts ‧ Soroush Dalili
2023-06-01 More research on .NET deserialization My Advisories ‧ Soroush Dalili
2023-06-01 Feel honoured to be there again after 8 years: Top 10 Web Hacking Techniques of 2017 Security Posts ‧ Soroush Dalili
2023-06-01 Story of my two (but actually three) RCEs in SharePoint in 2018 Security Posts ‧ Soroush Dalili
2023-06-01 ASP.NET resource files (.RESX) and deserialization issues My Advisories ‧ Soroush Dalili
2023-06-01 MS 2018 Q4 – Top 5 Bounty Hunter for 2 RCEs in SharePoint Online My Advisories ‧ Soroush Dalili
2023-06-01 WAF Bypass Techniques – Using HTTP Standard and Web Servers’ Behaviour Security Posts ‧ Soroush Dalili
2023-06-01 SMB hash hijacking & user tracking in MS Outlook My Advisories ‧ Soroush Dalili
2023-06-01 Bug Bounty vs Penetration Testing (Simple Unbiased Comparison) Security Posts ‧ Soroush Dalili
2023-06-01 Rare ASP.NET request validation bypass using request encoding My Advisories ‧ Soroush Dalili
2023-06-01 Additional notes on “A Forgotten HTTP Invisibility Cloak” talk! Security Posts ‧ Soroush Dalili
2020-11-01 My MDSec Blog Posts so far in 2020! My Advisories ‧ Soroush Dalili
2020-07-19 File Upload Attack using XAMLX Files Security Posts ‧ Soroush Dalili
2020-07-19 Uploading web.config for Fun and Profit 2 Security Posts ‧ Soroush Dalili
2020-07-19 IIS Application vs. Folder Detection During Blackbox Testing Security Posts ‧ Soroush Dalili
2020-07-19 Danger of Stealing Auto Generated .NET Machine Keys Security Posts ‧ Soroush Dalili
2020-07-19 x-up-devcap-post-charset Header in ASP.NET to Bypass WAFs Again! Security Posts ‧ Soroush Dalili
2020-07-19 Exploiting Deserialisation in ASP.NET via ViewState Security Posts ‧ Soroush Dalili
2020-07-19 Yet Other Examples of Abusing CSRF in Logout Security Posts ‧ Soroush Dalili
2020-07-19 How to win BIG and even more! Security Posts ‧ Soroush Dalili
2020-07-19 Finding and Exploiting .NET Remoting over HTTP using Deserialisation Security Posts ‧ Soroush Dalili
2020-07-19 More research on .NET deserialization My Advisories ‧ Soroush Dalili
2020-07-19 Feel honoured to be there again after 8 years: Top 10 Web Hacking Techniques of 2017 Security Posts ‧ Soroush Dalili
2020-07-19 Story of my two (but actually three) RCEs in SharePoint in 2018 Security Posts ‧ Soroush Dalili
2020-07-19 ASP.NET resource files (.RESX) and deserialization issues My Advisories ‧ Soroush Dalili
2020-07-19 MS 2018 Q4 – Top 5 Bounty Hunter for 2 RCEs in SharePoint Online My Advisories ‧ Soroush Dalili
2020-07-19 WAF Bypass Techniques – Using HTTP Standard and Web Servers’ Behaviour Security Posts ‧ Soroush Dalili
2020-07-19 SMB hash hijacking & user tracking in MS Outlook My Advisories ‧ Soroush Dalili
2020-07-19 Bug Bounty vs Penetration Testing (Simple Unbiased Comparison) Security Posts ‧ Soroush Dalili
2020-07-19 Rare ASP.NET request validation bypass using request encoding My Advisories ‧ Soroush Dalili
2020-07-19 Additional notes on “A Forgotten HTTP Invisibility Cloak” talk! Security Posts ‧ Soroush Dalili
2020-07-19 Request encoding to bypass web application firewalls My Advisories ‧ Soroush Dalili
2019-09-21 File Upload Attack using XAMLX Files Security Posts ‧ Soroush Dalili
2019-08-17 Uploading web.config for Fun and Profit 2 Security Posts ‧ Soroush Dalili
2019-07-10 IIS Application vs. Folder Detection During Blackbox Testing Security Posts ‧ Soroush Dalili
2019-05-11 Danger of Stealing Auto Generated .NET Machine Keys Security Posts ‧ Soroush Dalili
2019-05-08 x-up-devcap-post-charset Header in ASP.NET to Bypass WAFs Again! Security Posts ‧ Soroush Dalili
2019-05-08 Exploiting Deserialisation in ASP.NET via ViewState Security Posts ‧ Soroush Dalili
2019-05-08 Yet Other Examples of Abusing CSRF in Logout Security Posts ‧ Soroush Dalili
2019-05-08 How to win BIG and even more! Security Posts ‧ Soroush Dalili
2019-05-08 Finding and Exploiting .NET Remoting over HTTP using Deserialisation Security Posts ‧ Soroush Dalili
2019-05-08 More research on .NET deserialization My Advisories ‧ Soroush Dalili
2019-05-08 Feel honoured to be there again after 8 years: Top 10 Web Hacking Techniques of 2017 Security Posts ‧ Soroush Dalili
2019-05-08 Story of my two (but actually three) RCEs in SharePoint in 2018 Security Posts ‧ Soroush Dalili
2019-05-08 ASP.NET resource files (.RESX) and deserialization issues My Advisories ‧ Soroush Dalili
2019-05-08 MS 2018 Q4 – Top 5 Bounty Hunter for 2 RCEs in SharePoint Online My Advisories ‧ Soroush Dalili
2019-05-08 WAF Bypass Techniques – Using HTTP Standard and Web Servers’ Behaviour Security Posts ‧ Soroush Dalili
2019-05-08 SMB hash hijacking & user tracking in MS Outlook My Advisories ‧ Soroush Dalili
2019-05-08 Bug Bounty vs Penetration Testing (Simple Unbiased Comparison) Security Posts ‧ Soroush Dalili
2019-05-08 Rare ASP.NET request validation bypass using request encoding My Advisories ‧ Soroush Dalili
2019-05-08 Additional notes on “A Forgotten HTTP Invisibility Cloak” talk! Security Posts ‧ Soroush Dalili
2019-05-08 Request encoding to bypass web application firewalls My Advisories ‧ Soroush Dalili
2019-05-08 When a web application SSRF causes the cloud to rain credentials & more Security Posts ‧ Soroush Dalili
2019-05-08 CVE-2017-8592 – XMLHttpRequest in IE followed 307 redirections with additional or customised headers
2019-05-08 Using Firefox Profiles in Security Testing
2019-05-08 Flash it baby!

匿名用户只展示最新 100 条榜单历史,更多历史数据请登录后查看,支持时光机按天筛选

Sponsors

今日解忧 - 赛博修行,舒缓静心,21世纪解压神器!
今日历 - 全球最全的日历,日历届的航空母舰!
百晓生AI - 全能创作助手

猜你喜欢