ProjectDiscovery Blog

Welcome to our first community spotlight blog! We started the community spotlight recently for two major reasons: to recognize the work of some of our most active community members and to share that work with others. ProjectDiscovery is community driven, and all of our tools wouldn’t be possible without

This is the second part of our series on bug bounty etiquette. Part one looks at what you should be doing.  Last month we talked about bug bounty etiquette and how to be a good bug bounty hunter; not in the sense of finding more bugs, but rather in how

GameOver(lay) encompasses two significant vulnerabilities within the Ubuntu kernel, CVE-2023-2640, and CVE-2023-32629, each carrying a high-severity rating with CVSS scores of 7.8. These vulnerabilities pose a critical threat, potentially affecting around 40% of Ubuntu users. The vulnerability lies within the OverlayFS module of the Ubuntu kernel, enabling a

This is part one of our two-part series on polite hacking, focusing on what to do. Part two talks about what not to do (link coming soon).  This blog is not about techniques. It’s not about tools to use, how to find the vulnerability, or anything like that. There

CVE-2023-22518 is a critical vulnerability in Atlassian Confluence Data Center and Server. The vulnerability could potentially allow unauthenticated attackers with network access to the Confluence Instance to restore the database of the Confluence instance and eventually execute arbitrary system commands. Technical Details After performing a patch diff between the patched

Description: CVE-2023-46747 is a critical vulnerability in the F5 BIG-IP Configuration Utility identified as a request smuggling bug within the Apache JServ Protocol (AJP). The flaw could potentially allow unauthenticated attackers with network access to the BIG-IP system through the management port and/or self-IP addresses to execute arbitrary system

Summary of Releases v9.6.5, v9.6.6, v9.6.7 and v9.6.8 This month, we've released multiple versions of Nuclei Templates that bring numerous enhancements to Nuclei users. Here are some highlighted stats from the combined releases: 🎉 316 New Templates added 🚀 14 First-time contributions 🔥 158 New

Cyber threats have always been a part of the landscape of tech; from the first worm all the way to current supply chain and CI/CD vulnerabilities. What's different now is there seems to be an overwhelming amount of tools and solutions promising to be the silver bullet against security

ProjectDiscovery has been working hard over the recent months! Recent template releases have been covering important CVEs and other exploitable vulnerabilities, we’ve been speaking at various conferences, and moreover, we’ve been crafting and writing major improvements for our flagship tool, Nuclei. That work has led us to the