Verifying my Blockstack ID is secured with the address 1C7SnTWig9cr3cuPhAeC4BoMhA4yejXC8m https://explorer.blockstack.org/address/1C7SnTWig9cr3cuPhAeC4BoMhA4yejXC8m
Verifying my Blockstack ID is secured with the address 1MYJhkhmKN6HFXUBpaeDfFja8j5bFR6VTr https://explorer.blockstack.org/address/1MYJhkhmKN6HFXUBpaeDfFja8j5bFR6VTr
/http://example.com
/%5cexample.com
/%2f%2fexample.com
/example.com/%2f%2e%2e
/http:/example.com
/?url=http://example.com&next=http://example.com&redirect=http://example.com&redir=http://example.com&rurl=http://example.com
/?url=//example.com&next=//example.com&redirect=//example.com&redir=//example.com&rurl=//example.com
/?url=/\/example.com&next=/\/example.com&redirect=/\/example.com
/redirect?url=http://example.com&next=http://example.com&redirect=http://example.com&redir=http://example.com&rurl=http://example.com
/redirect?url=//example.com&next=//example.com&redirect=//example.com&redir=//example.com&rurl=//example.com
I hereby claim:
- I am edoverflow on github.
- I am edoverflow (https://keybase.io/edoverflow) on keybase.
- I have a public key ASDfEwD4wuFwxlxKl77DZju1xcWdKUSV3sFDCdK16rW3Tgo
To claim this, I am signing this object:
Broken Link Hijacking (BLH) exists whenever a target links to an expired domain or page. Broken Link Hijacking comes in two forms, reflected and stored. This issue has been exploited in the wild numerous times, but surprisingly few researchers actively look for broken links in bug bounty programs.
This post aims to give you a basic overview of the different issues that could possibly arise if a target links to an expired endpoint.
Note: Please keep in mind that none of this works if you are not signed in to GitHub.
When searching for issues related to a target I often like to quickly look up their GitHub organization on Google.
So let's say Gratipay says nothing about being open source. A quick Google search for "Gratipay GitHub" should return Gratipay's org page on GitHub.
Then from there I am going to check which repos actually belong to the org and which are forked. You can do this by selecting the Type: dropdown on the right-hand side of the page.