Category: Mix

Bugcrowd Security Flash – Confluence Server Webwork OGNL Injection (CVE 2021-26084) Source link

What’s the most profitable bug bounty Michael has reported? Source link

XSS is all about practice. It requires a lot of time to print in the mind all vectors, payloads and…

I recently participated in the NahamCon CTF with the team Hacking for Soju. I was unable to complete this challenge…

Simplify your task management strategy with my favorite hardware: paper. Coding up a to-do app may be the Hello, World…

Alfred WebApp Payloads Demo (XSS & Reverse Shell Payloads!) Source link

A centralized way to consume your information security news, with a focus on web application security. Save time and effort,…

At Assetnote, we often audit enterprise software source code to discover pre-authentication vulnerabilities. Yellowfin BI had significance to us because…

Summary This blog post is a reminder that you should make sure that all your builds in the Java ecosystem…

I’ve been working on a few small projects while learning Go, and this one turned out to be useful enough…

Adam Bannister 09 February 2021 at 12:47 UTC Updated: 09 February 2021 at 12:59 UTC ‘An odd one, impact wise’…

AMF parsing and XXE I recently played with two libraries parsing the AMF (aka Action Message Format) binary format: BlazeDS…