security

The HackerOne bug bounty platform is the largest one to have its own researcher API. The ability to retrieve a list of in-scope targets creates the possibility for large scale vulnerability scanning.

DNS exfiltration allows getting data off a compromised machine using DNS lookups to hide the data. During security research, using DNS for exfiltration may help circumvent security restrictions or avoid detection.