diff --git a/days/day345-363.md b/days/day345-363.md index c5e7bee..1aa57f9 100644 --- a/days/day345-363.md +++ b/days/day345-363.md @@ -9,22 +9,22 @@ ___ #### Learning Resource: -Day345: SSRF in AppSheet - Google VRP [https://nechudav.blogspot.com/2021/12/ssrf-vulnerability-in-appsheet-google.html] -Day346: Accidental IDOR in eLearnSecurity [https://p1boom.com/2021/12/accidental-idor-in-elearnsecurity-to.html] -Day347: Facebook Vulnerability [https://t.co/m0b0pjLdPe] -Day-348: https://j0vsec.com/post/cve-2021-43798/ -Day-349: https://ahmed8magdy.medium.com/file-upload-to-rce-538bb4128062 -Day-350: https://t.co/HXfJdtsYOX -Day-351: https://securityflow.io/impact-of-an-insecure-deep-link/ -Day-352: https://itsfading.github.io/posts/Unrestricted-File-Upload-Leads-to-SSRF-and-RCE/ -Day-353: https://wiz.io/blog/chaosdb-explained-azures-cosmos-db-vulnerability-walkthrough -Day-354: https://secreltyhiddenwriteups.blogspot.com/2021/11/becoming-super-admin-in-someone-elses.html -Day-355: https://0x0021h.medium.com/bypass-chrome-ad-heavy-detection-mechanism-25c9e2e4a0c4 -Day-356: https://t.co/SMYmN5bbE2 -Day-357:https://wya.pl/2021/12/20/bring-your-own-ssrf-the-gateway-actuator/ -Day-358: https://security.lauritz-holtmann.de/advisories/flickr-account-takeover/ -Day-359:https://blog.quarkslab.com/why-is-exposing-the-docker-socket-a-really-bad-idea.html -Day-360:https://evilpacket.net/2017/enumerating-files-using-server-side-request-forgery-and-the-request-module/ -Day-361:https://youtube.com/watch?v=7W7S6PYwc6s -Day-362:https://sensepost.com/blog/2021/android-application-testing-using-windows-11-and-windows-subsystem-for-android/ -Day-363: https://t.co/8DrT7xp4WY \ No newline at end of file +- Day345: SSRF in AppSheet - Google VRP [https://nechudav.blogspot.com/2021/12/ssrf-vulnerability-in-appsheet-google.html] +- Day346: Accidental IDOR in eLearnSecurity [https://p1boom.com/2021/12/accidental-idor-in-elearnsecurity-to.html] +- Day347: Facebook Vulnerability [https://t.co/m0b0pjLdPe] +- Day-348: https://j0vsec.com/post/cve-2021-43798/ +- Day-349: https://ahmed8magdy.medium.com/file-upload-to-rce-538bb4128062 +- Day-350: https://t.co/HXfJdtsYOX +- Day-351: https://securityflow.io/impact-of-an-insecure-deep-link/ +- Day-352: https://itsfading.github.io/posts/Unrestricted-File-Upload-Leads-to-SSRF-and-RCE/ +- Day-353: https://wiz.io/blog/chaosdb-explained-azures-cosmos-db-vulnerability-walkthrough +- Day-354: https://secreltyhiddenwriteups.blogspot.com/2021/11/becoming-super-admin-in-someone-elses.html +- Day-355: https://0x0021h.medium.com/bypass-chrome-ad-heavy-detection-mechanism-25c9e2e4a0c4 +- Day-356: https://t.co/SMYmN5bbE2 +- Day-357:https://wya.pl/2021/12/20/bring-your-own-ssrf-the-gateway-actuator/ +- Day-358: https://security.lauritz-holtmann.de/advisories/flickr-account-takeover/ +- Day-359:https://blog.quarkslab.com/why-is-exposing-the-docker-socket-a-really-bad-idea.html +- Day-360:https://evilpacket.net/2017/enumerating-files-using-server-side-request-forgery-and-the-request-module/ +- Day-361:https://youtube.com/watch?v=7W7S6PYwc6s +- Day-362:https://sensepost.com/blog/2021/android-application-testing-using-windows-11-and-windows-subsystem-for-android/ +- Day-363: https://t.co/8DrT7xp4WY