Patrik Fehrenbach - Patrik Fehrenbach - Web Security Services

[WSS] Security Labs

How I made more than $30K with Jolokia CVEs

How I made more than $30K with Jolokia CVEs

Dear Readers – it’s been a while. First and foremost: This blog post is mostly inspired by the Gotham Security : jolokia-vulnerabilities-rce-xss write-up. None of what you are about to read is really new; I just found it difficult to find a complete write-up which describes the most common misconfigurations, so

June 16, 2020 • 14 min read min read

Visual Recon - A beginners guide

Visual Recon - A beginners guide

May 05, 2018 • 5 min read min read

The Stony Path of Android 🤖 Bug Bounty - Bypassing Certificate Pinning

The Stony Path of Android 🤖 Bug Bounty - Bypassing Certificate Pinning

October 21, 2017 • 9 min read min read

Messaging Queues in the IoT under pressure - Stress Testing the Mosquitto MQTT Broker

Messaging Queues in the IoT under pressure - Stress Testing the Mosquitto MQTT Broker

October 05, 2017 • min read

Decoding a $😱,000.00 htpasswd bounty

Decoding a $😱,000.00 htpasswd bounty

September 08, 2016 • 3 min read min read

Sleeping stored Google XSS Awakens a $5000 Bounty

Sleeping stored Google XSS Awakens a $5000 Bounty

May 17, 2016 • 3 min read min read