BoMs Away – Why Everyone Should Have a BoM
In this talk, Steve describes the various use cases of a software bill-of-materials (BOM), including facilitating accurate vulnerability and other...
Read more →Category: Mix
What I Learned Watching All 44 AppSec Cali 2019 Talks
What I Learned Watching All 44 AppSec Cali 2019 Talks OWASP AppSec California is one of my favorite security conferences:...
Read more →![[tl;dr sec] #186 - Enterprise Purple Teaming, Cloud CTFs, Code Review with LLMs](https://cybernoz.com/wp-content/uploads/2023/07/tldr-sec-186-Enterprise-Purple-Teaming-Cloud-CTFs-Code.jpg "[tl;dr sec] #186 - Enterprise Purple Teaming, Cloud CTFs, Code Review with LLMs 6")
[tl;dr sec] #186 – Enterprise Purple Teaming, Cloud CTFs, Code Review with LLMs
I hope you’ve been doing well! New Platform, Who Dis? 👋 Hello and welcome to the first edition of tl;dr...
Read more →![[tl;dr sec] #187 - AWS Pentest Methodology, Destroyed by Breach, Awesome LLM Cybersecurity Tools](https://cybernoz.com/wp-content/uploads/2023/07/tldr-sec-187-AWS-Pentest-Methodology-Destroyed-by-Breach.jpg "[tl;dr sec] #187 - AWS Pentest Methodology, Destroyed by Breach, Awesome LLM Cybersecurity Tools 11")
[tl;dr sec] #187 – AWS Pentest Methodology, Destroyed by Breach, Awesome LLM Cybersecurity Tools
I hope you’ve been doing well! 💪 Bro-ing Out This week I’m visiting by brother, who has kindly offered to...
Read more →![[tl;dr sec] #188 - Security Interview Questions, Secret Scanning Tools, PentestGPT](https://cybernoz.com/wp-content/uploads/2023/07/tldr-sec-188-Security-Interview-Questions-Secret-Scanning-Tools.jpg "[tl;dr sec] #188 - Security Interview Questions, Secret Scanning Tools, PentestGPT 13")
[tl;dr sec] #188 – Security Interview Questions, Secret Scanning Tools, PentestGPT
I hope you’ve been doing well! The “Full Utah” Experience Last weekend I got to hang out with my friend...
Read more →
Cache Me If You Can: Messing with Web Caching
In this talk, Louis covers 3 web cache related attacks: cache deception, edge side includes, and cache poisoning. Note: this...
Read more →
Patch Diffing CVE-2023-28121 to Compromise a WooCommerce – RCE Security
Back in March 2023, I noticed an interesting security advisory that was published by Wordfence about a critical “Authentication Bypass...
Read more →
We want to check out your BChecks … | Blog
Emma Stocks | 03 July 2023 at 14:54 UTC Want to create customized scans without the hassle of learning advanced...
Read more →
Citrix Gateway Open Redirect and XSS (CVE-2023-24488) – Assetnote
Summary URL query parameters are not adequately sanitised before they are placed into an HTTP Location header. An attacker can...
Read more →
Reversing Citrix Gateway for XSS – Assetnote
One of the targets we looked at late last year was Citrix Gateway. Citrix Gateway is another of these “all-in-one”...
Read more →
BChecks: Houston, we have a solution! | Blog
Ollie Whitehouse | 29 June 2023 at 12:46 UTC Scripted scan checks in Burp Suite Professional are now a thing...
Read more →
Major improvements to integrations – Detectify Blog
Customizable integrations for today’s security team Resolving vulnerabilities quickly depends on several factors, not least how effectively security and product...
Read more →