Category: Mix
Bugcrowd Security Flash – Confluence Server Webwork OGNL Injection (CVE 2021-26084)
What’s the most profitable bug bounty Michael has reported?
XSS is all about practice. It requires a lot of time to print in the mind all vectors, payloads and…
I recently participated in the NahamCon CTF with the team Hacking for Soju. I was unable to complete this challenge…
Simplify your task management strategy with my favorite hardware: paper. Coding up a to-do app may be the Hello, World…
Alfred WebApp Payloads Demo (XSS & Reverse Shell Payloads!)
A centralized way to consume your information security news, with a focus on web application security. Save time and effort,…
At Assetnote, we often audit enterprise software source code to discover pre-authentication vulnerabilities. Yellowfin BI had significance to us because…
Summary: This blog post is a reminder that you should make sure that all your builds in the Java ecosystem…
I’ve been working on a few small projects while learning Go, and this one turned out to be useful enough…
Adam Bannister 09 February 2021 at 12:47 UTC Updated: 09 February 2021 at 12:59 UTC ‘An odd one, impact wise’…
AMF parsing and XXE: I recently played with two libraries parsing the AMF (aka Action Message Format) binary format: BlazeDS…