Ready to Start Your Career?

By: vinothpkumar
February 9, 2016
Same-Site Scripting: The Lesser-Known Vulnerability

By: vinothpkumar
February 9, 2016

ping subdomain.example.com
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Many organization have the DNS misconfigured with the address 127.0.0.1 (but, we won't disclose all those websites). We will share that the famous Bug Bounty Program, HackerOne, had this issue. They were notified by a security researcher and fixed the vulnerability. Let's Fix the Issue1. Change the IP address from 127.0.0.1 to a random address.2. Simply remove the sub-domain entry if it's not needed. Regards,Vinoth kumarSecurity Researcher