Click "Sign up" to join the WhiteHub cybersecurity community
Choose a public program to start pentesting
Report any discovered vulnerability to claim rewards and accumulate reputation points in order to join restricted programs
Members with high experience points will be granted the Trusted status and invited to secret programs with extra perks
Trape 2.0 SQLi and stored XSS
CyStack Advisory ID: CSA-2019-02; CVE IDs: CVE-2019-13488, CVE-2019-13489; Severity: Medium. Trape [https://github.com/jofpin/trape] is an OSINT analysis and research tool, which allows people to track and execute intelligent social engineering attacks in real time. It is quite a popular project, with 4k star...
Arbitrary file read vulnerability in Hackerrank
Summary: HackerRank [https://www.hackerrank.com/] is a technical hiring platform that helps businesses evaluate software developers based on skill. I found that several of its websites can be attacked to read arbitrary files. Details: Most websites of HackerRank use Ruby on Rails (RoR) as their backend. Unfo...