Wallarm Named a Leader in GigaOm Radar for API Security
I am thrilled to share that Wallarm, has been named a leader in the GigaOm Radar for API Security! We would like to share insights…
Category: Mix
LastPass Settings Upgrade, Boosting ChatGPT Output, AI Adding Societal Transparency
Unsupervised Learning is a Security, AI, and Meaning-focused podcast that looks at how best to thrive as humans in a post-AI world. It combines original…
Boosting Election Integrity With Coordinated Vulnerability Disclosure [4 Insights]
1. This year, The first collaborative engagement dedicated to establishing trust and demonstrating progress through coordinated vulnerability disclosure occurred at the Election Security Research Forum…
parameter pollution bug at twitter | by mert tasci
mert tasci · Follow 1 min read · Mar 11, 2023 — 1 Listen Share twitter sent an e-mail to you when someone followed you…
Piercing the Veal: Short Stories to Read with Friends | by d0nut
This feedback mechanism made me realize that this was more than a simple CRUD app and this service must be issuing an HTTP request to…
a little open redirect bypass story | by mert tasci
in one private program at bugcrowd, i came across three different open redirect bug methods. firstthis is an effortless open redirect vulnerability as follows and…
My Year in Review — 2020. So | by d0nut
While terribly disappointed, I still had drive left in me to do well for myself and continue onward. At this time, I believed that we’d…
[tl;dr sec] #212 – AWS Security Services Best Practices, EDR Bypass Lab, 100+ Vulnerable Practice Apps
I hope you’ve been doing well! 👋 New Year, Who Dis? I hope you had a great holiday break and New Years! If you’re new,…
xss attack vector at “style” context for less.js – mert tasci
detailless & sass suddenly came to my mind when researching about of css injection attacks. you know, both are css pre-processor so i think they…
The Stony Path of Android 🤖 Bug Bounty – Bypassing Certificate Pinning
Dear readers, Long story short, doing bug bounties for mobile devices is hard. With this article I want to show you a rather simple way…
High Risk Vulnerabilities within the DoD – Exploiting Coldfusion, Dotnet Nuke, Oracle, and more | by Alyssa Herrera
The Department of Defense Launched a bug bounty program on November 21st, 2016 on Hackerone. This allowed researchers to report vulnerabilities on any military domain,…
BugBountyHunter Chats — Getting to know 0xblackbird, YouGina, JTCSec and HolyBugx | by Sean (zseano)
18 min read · Jul 12, 2021 BugBountyHunter.com opened early November 2020 and the amount of growth we have seen in members has been phenomenal!…