
David Sopas – Security Researcher

I hack and I love it!


Month: October 2015


SendGrid Reflected File Download

  • Advisories
  • Swag
Posted on October 28, 2015

For those who don’t know who SendGrid is… SendGrid provides unmatched deliverability, scalability, and reliability. We deliver email on behalf of happy customers such as: […]


Detect the latest Joomla! SQL Injection vulnerability online

  • Tips and Tricks
Posted on October 26, 2015

SecureLayer7 released an online scanner for the Joomla 3.4.4 core SQL injection vulnerability. Check it out: http://joomlatest.securelayer7.net/


Hack.lu 2015 slides download

  • Interesting Readings
Posted on October 23, 2015

Slides from Hack.lu can now be downloaded at http://2015.hack.lu/archive/2015/ Enjoy!


Joomla SQL Injection Vulnerability

  • Interesting Readings
Posted on October 22, 2015

Trustwave disclosed a security report on a SQL injection in the popular CMS Joomla! that will result in full administrative access. Awesome work! https://www.trustwave.com/Resources/SpiderLabs-Blog/Joomla-SQL-Injection-Vulnerability-Exploit-Results-in-Full-Administrative-Access/


Attacking Ruby on Rails

  • Interesting Readings
Posted on October 21, 2015

I want to share an interesting read that I noticed when searching Mr. G for Ruby security. I still haven’t finished reading it because lack […]


Hack to the Future with Cobalt

  • Swag
Posted on October 21, 2015

Cobalt.io published a nice image on Twitter with some of the security researchers. Can you guess who’s there?


Get a bounty on a WordPress blog

  • Tips and Tricks
Posted on October 16, 2015

I would like to describe a step-by-step of my latest “appreciation program” reward on a security issue in a WordPress plugin. First things first – check […]


Free online proxy using Bing Translator

  • Tips and Tricks
Posted on October 16, 2015

This method is already known on many other servers like Google Translator and other online services. I don’t know if I might consider this to […]


Events Made Easy WordPress plugin CSRF + Persistent XSS

  • Advisories
Posted on October 15, 2015 | November 23, 2018

Plugin link: https://wordpress.org/plugins/events-made-easy/
Active Installs: 10,000+
Version tested: 1.5.49
CVE Reference: Waiting

Events Made Easy is a full-featured event management solution for WordPress. Events Made […]


Free online tools to help your #bugbounty

  • Bug Bounty
  • Tips and Tricks
Posted on October 12, 2015

I’m getting a few emails asking for some tips on how to get some bounties. Because I like to help others and I’m a share knowledge […]

