Identifying Possible SSRF/LFI Insertion Points – allysonomalley.com
I’ve been very busy these past few months, leaving little time to hack. I’m very glad to be back at it. I decided to write…
Questions to be answered: 1. What are some of the risks of technical debt? 2. Should you post private information on social media if you…
Hi, my name is Alex, I’ve been an IT security professional since 2007 and I’ve recently entered the start-up world with my project bughuntr.io. In…
Exploiting a Blind XSS using Burp Suite Last weekend, I participated in the qualification phase for the “Nuit du Hack 2017” CTF. We solved all…
I noticed that I didn’t blog for nearly two years :-/
Salesforce is working with ChatGPT creator OpenAI to add the chatbot sensation to its collaboration software Slack, as well as to bring generative artificial intelligence…
Intruder and CSRF-protected form, without macros These days, CSRF tokens are more and more prevalent in Web applications. As a consequence, managing tokens within…
A recap of the Q&A session on Twitter [This article was originally posted in June 2020. It disappeared from the blog when a data-center from…
National Security Agency (NSA) of the United States has issued some tips to safeguard home networks from cyber attacks and they are as follows: 1.) …
HDB Financial Services, the non-bank lending unit of India’s top private lender HDFC Bank, has disclosed a data breach at one of its service providers…
One of LastPass’s engineers neglected to update Plex on their personal computer, which led to the company’s significant breach. Plex claims that the vulnerability is…
Password management and user authentication solutions provider Specops Software has today announced the release of its annual Weak Password Report which analysed over 800 million…