Building Bridges: The Art of Effective Communication Across Teams
At HackerOne, we believe that the better we are aligned, the better we know where to go, and the more confident, empowered, and engaged HackerOnies…
Category: Mix
On Listening | HackerOne
Good listening is an act of empathy and curiosity. Empathy is understanding how others feel, what their world looks like, and being compassionate towards them.…
I Suggest You Take a Nap
The topics I want to keep under control are the usual suspects: sleep, diet, exercise, and social connections. I understand these will vary greatly depending…
Why I Keep a Brag Document — and How It Can Help You
Because the fact is, it’s easy to have your work go unnoticed. Sure, as Engineers, we see our faces move around on the sprint board,…
HackerOne Company Values Matter: Win as a Team
Each year, HackerOne employees nominate peers to receive the covetable Values Awards. Since its inception in 2022, the Values Awards have recognized three Win as a…
Actually Good Multimodal AI · Joseph Thacker
OpenAI just made a big move in the AI space with the release of GPT-4o (“o” stands for “omni”). This new model is crazy because…
One Apple Fanboy’s White-hot Anger at the iPad Commercial
Before I go into this, I want to articulate exactly how much of an Apple fanboy I am. I camped for the first iPhone I…
My OpenAI Event Predictions (May 2024)
I don’t have any insider knowledge—unless you count the Information article that just leaked about a possible Her-like assistant—but I think I have a good…
How to Find Remote Code Execution on WordPress [Example]
In this article, we’ll talk about a critical bug report where a hacker found a Remote Code Execution (RCE) on Nextcloud’s WordPress website in the source…
Kata Containers – Improper file permissions for read-only volumes
An improper file permissions vulnerability affects Kata Containers prior to 1.11.5. When using a Kubernetes hostPath volume and mounting either a file or directory into…
Exploit Archeology – Exploiting an old unknown Server Side Browser
I was recently hacking on a Bug Bounty target and identified an interesting API endpoint which would render user supplied HTML, and execute any included…
ZAP 2.15 Review ⚡️ | HAHWUL
ZAP 2.15가 릴리즈되었습니다. OWASP를 나오는 이슈로 인해 2.14가 빠르게 출시됬던 상태라 2.15까지의 기간 또한 짧았네요. 오늘은 2.15 버전에 대해 빠르게 리뷰해봅니다. Scripts as First Class…