Category: Mix

Case Guide for Auditing Ruby on Rails – Assetnote
08 Mar 2023

Many enterprise organizations that deal with large amounts of data that needs to be shared between employees or stakeholders often…

Remote code execution in Elixir-based Paginator
08 Mar 2023

Intro: In August of this year I found a remote code execution vulnerability in the Elixir-based Paginator open-source project from…

Identifying Possible SSRF/LFI Insertion Points – allysonomalley.com
08 Mar 2023

I’ve been very busy these past few months, leaving little time to hack. I’m very glad to be back at…

08 Mar 2023

Chapter 9 Good Habits – Alice and Bob Learn Application Security

Questions to be answered: 1. What are some of the risks of technical debt? 2. Should you post private information…

08 Mar 2023

Practical Security Recommendations for Start-ups with Limited Budgets

Hi, my name is Alex, I’ve been an IT security professional since 2007 and I’ve recently entered the start-up world…

Exploiting a Blind XSS using Burp Suite
08 Mar 2023

Last weekend, I participated in the qualification phase for the “Nuit du Hack…

08 Mar 2023

Back to blogging?

I noticed that I didn’t blog for nearly two years :-/

Intruder and CSRF-protected form, without macros
08 Mar 2023

These days, CSRF tokens are more and more prevalent in Web applications. As…

08 Mar 2023

A recap of the Q&A session on Twitter

[This article was originally posted in June 2020. It disappeared from the…