API10:2023 Unsafe Consumption of APIs
Welcome to the 11th post in our weekly series on the new 2023 OWASP API Security Top-10 list, with a particular focus on security practitioners.…
Category: Mix
Zest + YAML = ❤️
최근에 Zest 쪽의 Commit (zaproxy/zest/6d67925) 하나를 주시하고 있었습니다. 바로 Zest에서 YAML 포맷 지원에 대한 내용이였는데요. 드디어 공식 릴리즈가 이루어졌고 이제 Zest에서 YAML 포맷을 사용할 수…
[tl;dr sec] #201 – CloudRecon, LLM Security, Okta for Red Teamers
I hope you’ve been doing well! 📣 Accepting Sponsors for 2024! Hi! Clint here with a special TV newsletter offer. Do you have an awesome…
Unlocking Seamless API Security: Revenera’s Journey with Wallarm
In today’s digital landscape, ensuring the security of web applications and APIs is paramount. The journey to find the right security solution can be filled…
GlacierCTF Players: Earn Up To $15k Bonuses for Yahoo Bug Bounty Submissions
Since its inception, Yahoo’s Bug Bounty program has received thousands of vulnerability reports from over 6,000 hackers worldwide. And today, the ten-year-old program is growing…
Achievement Society and the Rise of Narcissism, Depression, and Anxiety
The following is the output of extwis on a piece of content. extwis is an AI tool I built for extracting meaning from text-based content…
Bug Bytes #212 – XSS Payloads, IDOR prediction and Cloud Security
Bug Bytes is a weekly newsletter curated by members of the bug bounty community. The second series is curated by InsiderPhD. Every week, she keeps…
The Journey Back to My Name · Joseph Thacker
How and why I moved rez0.blog to josephthacker.com The story of josephthacker.com Back in college, I bought the domain josephthacker.com for something like 20 dollars.…
Learn the 3 Key Principles at Kong API Summit 2023
In an era where APIs (Application Programming Interfaces) are the lifeblood of digital interactions, the need for robust API security has never been more critical. …
What Hiring Managers Want, CVE Farming, Hunt Forward Operations, and AI vs. B2B Services
Unsupervised Learning is a Security, AI, and Meaning-focused podcast that looks at how best to thrive as humans in a post-AI world. It combines original…
DOM Invader and the case of direct eval vs indirect eval | Blog
Gareth Heyes | 25 September 2023 at 14:00 UTC What is DOM Invader? DOM Invader is a browser extension that makes it easy to find…
Turbocharge ChatGPT With A Metaprompter · Joseph Thacker
Over the past few weeks, I’ve been exploring the capabilities of ChatGPT on both GPT-3.5 and GPT-4. They’re incredibly powerful tools that can provide high-quality…