Elber AndreBugBounty types — HTML injection via emailHTML injection é um ataque muito parecido com o Cross-site Scripting (XSS), enquanto no XSS o invasor pode injetar e executar códigos em…3 min read·Feb 17, 2020----
Elber AndreHack ’N’ Routers — Vulnerabilidades comuns em roteadores domésticosHello world, aqui falo um pouco sobre algumas vulns e exploits para roteadores domésticos5 min read·Dec 12, 2019----
Elber AndreBroken Access: Posting to Google private groups through any user in the groupIn this post I’m showing how I could post in the private groups of google using any account of any user of this group, without passwd or…4 min read·Apr 27, 2019----
Elber AndreSSTI: Bypass in a hard place, Fort Knox — ASIS Quals 2019Falando sobre alguns tipos de Bypass SSTI, para desafios de CTF.3 min read·Apr 25, 2019--1--1
Elber AndreSSRF Trick: SSRF/XSPA in Microsoft’s Bing Webmaster CentralToday I’m going to talk about a trick that might be useful for BugHunters.2 min read·Apr 9, 2019----
Elber Andre$1.000 SSRF in SlackHow I got a $1,000 SSRF on Slack using the same bypass.4 min read·Feb 17, 2019--1--1
Elber AndreRouter exploit: Getting Wireless Password and Administrator Session Without Being Connected on the…[CVE-2017–14219] XSS IN INTELBRAS ROUTER WRN 240.4 min read·Feb 14, 2018--1--1
Elber AndreUploader bypass: Obtendo XSS em ‘imagem . jpg’Como eu consegui burlar um sistema de upload e obter um XSS em uma imagem.2 min read·Feb 8, 2018--2--2