![[tl;dr sec] #188 - Security Interview Questions, Secret Scanning Tools, PentestGPT](https://cybernoz.com/wp-content/uploads/2023/07/tldr-sec-188-Security-Interview-Questions-Secret-Scanning-Tools.jpg "[tl;dr sec] #188 - Security Interview Questions, Secret Scanning Tools, PentestGPT 1")
[tl;dr sec] #188 – Security Interview Questions, Secret Scanning Tools, PentestGPT
I hope you’ve been doing well! The “Full Utah” Experience Last weekend I got to hang out with my friend...
Read more →Category: Mix
Cache Me If You Can: Messing with Web Caching
In this talk, Louis covers 3 web cache related attacks: cache deception, edge side includes, and cache poisoning. Note: this...
Read more →
Patch Diffing CVE-2023-28121 to Compromise a WooCommerce – RCE Security
Back in March 2023, I noticed an interesting security advisory that was published by Wordfence about a critical “Authentication Bypass...
Read more →
We want to check out your BChecks … | Blog
Emma Stocks | 03 July 2023 at 14:54 UTC Want to create customized scans without the hassle of learning advanced...
Read more →
Citrix Gateway Open Redirect and XSS (CVE-2023-24488) – Assetnote
Summary URL query parameters are not adequately sanitised before they are placed into an HTTP Location header. An attacker can...
Read more →
Reversing Citrix Gateway for XSS – Assetnote
One of the targets we looked at late last year was Citrix Gateway. Citrix Gateway is another of these “all-in-one”...
Read more →
BChecks: Houston, we have a solution! | Blog
Ollie Whitehouse | 29 June 2023 at 12:46 UTC Scripted scan checks in Burp Suite Professional are now a thing...
Read more →
Major improvements to integrations – Detectify Blog
Customizable integrations for today’s security team Resolving vulnerabilities quickly depends on several factors, not least how effectively security and product...
Read more →
Maximizing Performance with Wallarm Filtering Nodes in Amazon’s Global Infrastructure
Introduction In today’s digital landscape, ensuring the security and performance of web applications is paramount. To achieve optimal protection against...
Read more →
Bug Bytes #205 – Live Hacking, AI Hacking and Helicopter Hacking
Bug Bytes is a weekly newsletter curated by members of the bug bounty community. The second series is curated by...
Read more →
MSF Pivoting X SocksProxy
[*] 최근에 MSF로 Pivoting 환경에서 테스팅이 필요한 경우가 있었습니다. 방법 자체는 어려운게 아니라 그냥 몸에 있는대로 진행하긴 했는데, 생각해보니 블로그에...
Read more →
Introducing Integrated API Abuse Prevention to Combat Bad Bots
In recent years there’s been a rise in “API Abuse” attacks, which includes detrimental automated behaviors such as malicious bots,...
Read more →