Vulnerability Reports
【New Relic 1,024 USD】Reflected XSS in VPN Appliance
https://hackerone.com/reports/1386438
【Concrete CMS】A bypass of adding remote files in concrete5 FIlemanager leads to remote code execution
https://hackerone.com/reports/1350444
Bug Hunting Techniques
Practical HTTP Header Smuggling: Sneaking Past Reverse Proxies to Attack AWS and Beyond
https://www.intruder.io/research/practical-http-header-smuggling
Android WebViews use and abuse
https://docs.google.com/presentation/d/18xhCZ4fnC2UC4FZ7w_zEIKfiejckn86JU1RqGxvEhTM/mobilepresent?slide=id.g1006589e594_0_3
Bug Hunting Tools
Run all your bug bounty VPN profiles in parallel and expose them via multiple local SOCKS proxies.
https://github.com/honoki/bugbounty-openvpn-socks