Category: Mix
My first introduction to reconnaissance was Jason Haddix’s Bug Bounty Hunters Methodology. It’s the de facto standard and is still…
Often when performing application security research, we come across other researchers who have found critical vulnerabilities in software that can…
tl;dr ViewStates in JSF are serialized Java objects. If the used JSF implementation in a web application is not configured…
This post is about a simple but dangerous vulnerability that I have seen on several occasions. I think this flaw…
announcement-date: 2020-11-17 id: KCSA-CVE-2020-28914 title: Kata Containers Improper file permissions for read-only volumes description: An improper file permissions vulnerability affects…
Exploiting WPAD with Burp Suite and the “HTTP Injector” extension I went last week to the ASFWS conference (“Application Security…
ICYMI, we recently presented A CISOs Guide to the New 2023 OWASP API Security Update. In this first of two…
Launching an InfoSec Career: My six essential tips | Security Simplified
Bug Bounties With Bash – VirSecCon2020 Talk
Hey there, I hope you’ve been doing well! Lift-ed Spirits Despite living within a few hours’ drive of Tahoe for…
Linus Tech Tips Got HACKED! 😮
Uber disclosed a bug submitted by zhero_: https://hackerone.com/reports/1790444 – Bounty: $650