Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/numirias/security
Some of my security stuff and vulnerabilities. Nothing advanced. More to come.
https://github.com/numirias/security
appsec pentesting security
Last synced: about 1 month ago
JSON representation
Some of my security stuff and vulnerabilities. Nothing advanced. More to come.
- Host: GitHub
- URL: https://github.com/numirias/security
- Owner: numirias
- Created: 2019-06-04T10:27:48.000Z (over 5 years ago)
- Default Branch: master
- Last Pushed: 2019-06-11T16:18:13.000Z (over 5 years ago)
- Last Synced: 2024-08-01T09:22:38.284Z (3 months ago)
- Topics: appsec, pentesting, security
- Homepage: https://twitter.com/rawsec
- Size: 16.6 KB
- Stars: 866
- Watchers: 32
- Forks: 163
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# security
This repository will contain security-related stuff I'm doing. (Also, [@rawsec](https://twitter.com/rawsec) on Twitter)
Recent:
- 2019-06-04 [Vim/Neovim Arbitrary Code Execution via Modelines](doc/2019-06-04_ace-vim-neovim.md) (CVE-2019-12735)
More to come...
---
CTF write-ups:
- [Google CTF 2017 | Geokitties v2](https://github.com/numirias/ctf/blob/master/writeup-google-ctf-2017-geokitties-v2.md)
- [*Many more...*](https://security.meta.stackexchange.com/search?tab=votes&q=user%3a95381%20is%3aanswer%20%5bwrite-up%5d)
[My answers](https://security.stackexchange.com/users/95381/arminius?tab=answers) on Security.SE (many trivial, but also a few interestinig ones).
Some older bugs:
- 2017-01-25 [Google Chrome: Address spoofing in Omnibox](https://bugs.chromium.org/p/chromium/issues/detail?id=673971
) (CVE-2017-5015)
- 2017-01-24 [Mozilla Firefox: Location bar spoofing with unicode characters](https://www.mozilla.org/en-US/security/advisories/mfsa2017-01/#CVE-2017-5383) (CVE-2017-5383)
- 2016-06-07 [Mozilla Firefox: Partial SOP violation via forged location.host](https://www.mozilla.org/en-US/security/advisories/mfsa2016-54/) (CVE-2016-2825)
- 2015-05-19 [Google Chrome: Cross-origin bypass in Editing](https://bugs.chromium.org/p/chromium/issues/detail?id=444927) (CVE-2015-1254)
- 2015-04-03 [Mozilla Firefox: Privileged URLs processed by about:reader](https://www.mozilla.org/en-US/security/advisories/mfsa2015-43/) (CVE-2015-0798)
- 2015-03-31 [Mozilla Firefox: Addon permissions exposed to man-in-the-middle attacks](https://www.mozilla.org/en-US/security/advisories/mfsa2015-32/) (CVE-2015-0812)
- 2015-02-24 [Mozilla Firefox: Local files or privileged URLs in pages can be opened into new tabs](https://www.mozilla.org/en-US/security/advisories/mfsa2015-25/) (CVE-2015-0821)
- 2015-02-24 [Mozilla Firefox: Arbitrary File Read Vulnerability via Form Autocomplete](https://www.mozilla.org/en-US/security/advisories/mfsa2015-24/) (CVE-2015-0822)