Kamil Vavra

Offensive website security | @vavkamil

In Bug bounty, Ethical hacking, Tools

Understanding the full potential of sqlmap during bug bounty hunting

By vavkamil - On October 9, 2019

sqlmap is an automatic SQL injection and database takeover tool

In Bug bounty, Ethical hacking

How to bypass Android certificate pinning and intercept SSL traffic

By vavkamil - On September 15, 2019

Installing Burp Suite certificate on Android (Nougat) 7+ and bypassing certificate pinning with Frida &.

In Ethical hacking, Tools

Serverless Blind XSS hunter with Cloudflare Workers

By vavkamil - On September 11, 2019

Simple serverless JavaScript that hunts for Blind XSS vulnerabilities.

Copyright at 2019. Kamil Vavra All Rights Reserved