What I Learned Watching All 44 AppSec Cali 2019 Talks
OWASP AppSec California is one of my favorite security conferences: the talks are great, attendees…
I hope you’ve been doing well! New Platform, Who Dis? 👋 Hello and welcome to the first edition of tl;dr sec on Beehiiv! If you…
I hope you’ve been doing well! 💪 Bro-ing Out This week I’m visiting my brother, who has kindly offered to host me in his 1…
I hope you’ve been doing well! The “Full Utah” Experience Last weekend I got to hang out with my friend Scott Piper, and he gave…
In this talk, Louis covers 3 web cache related attacks: cache deception, edge side includes, and cache poisoning. Note: this was an awesomely dense, technical…
Back in March 2023, I noticed an interesting security advisory that was published by Wordfence about a critical “Authentication Bypass and Privilege Escalation” (aka CVE-2023-28121)…
Emma Stocks | 03 July 2023 at 14:54 UTC Want to create customized scans without the hassle of learning advanced programming? Burp Suite’s got you…
Summary URL query parameters are not adequately sanitised before they are placed into an HTTP Location header. An attacker can exploit this to create a…
One of the targets we looked at late last year was Citrix Gateway. Citrix Gateway is another of these “all-in-one” network devices, combining a load…
Ollie Whitehouse | 29 June 2023 at 12:46 UTC Scripted scan checks in Burp Suite Professional are now a thing … tl;dr Burp Suite Professional…
Customizable integrations for today’s security team Resolving vulnerabilities quickly depends on several factors, not least how effectively security and product development teams collaborate. Modern security…
Introduction In today’s digital landscape, ensuring the security and performance of web applications is paramount. To achieve optimal protection against cyber threats, organizations deploy web…