How to choose and care for a secure open source project
A few tricks for assessing the security of an open source project. There is a rather progressive sect of the software development world that believes…
Category: Mix
CVE-2023-25692: Apache Airflow Google Provider: Google Cloud Sql Provider Denial Of Service and Remote Command Execution
Internet Bug Bounty disclosed a bug submitted by sw0rd1ight: https://hackerone.com/reports/1895316 – Bounty: $480 Source link
The mystery of the missing Mac release | Blog
Dafydd Stuttard | 02 December 2021 at 16:23 UTC Burp Suite Sherlock Holmes Some eagle-eyed users of Burp Suite have noticed that there is no…
ZAP 2.12 살펴보기 ⚡️
드디어 ZAP 2.12 버전이 릴리즈되었습니다. 🎉👏🏼🍾 10월 중순쯤에 릴리즈 예정이였지만, 이슈로 약간 늦어졌다고 하네요. 오늘은 ZAP 2.12 버전에서 바뀐 내용들을 리뷰해보도록 하겠습니다. 그럼 시작하죠. UI…
Brand Ambassador Announcement | HackerOne
2022 just came to an end. We hope you found plenty of bugs, collected a lot in bounties, and are ready to set goals for…
Busting browser fails: What attackers see when they hack your employees’ browser
The web browser is probably the most used application on your computer. It’s used for basically everything from checking email, communicating via social media, video…
NO. 368 | ChinaBalloons, CustomGPT, 90s++…
✅ Please add this address to your “safe senders” or equivalent within your mail client. It’ll prevent the email from occasionally descending into the void.…
Technical ergonomics for the efficient developer
If you knew these tools existed, you’d probably be using them by now. This article isn’t going to tell you about saving your neck with…
adding h1_analyst_* to username for normal users
HackerOne disclosed a bug submitted by refaat01: https://hackerone.com/reports/1770797 – Bounty: $500 Source link
Burp Suite roadmap for 2022 | Blog
Matt Atkinson | 13 January 2022 at 15:45 UTC This roadmap has now been updated. Please see our July 2022 roadmap update. With 2022 now…
빠른 테스팅을 위한 ZAP 단축키들
ZAP에서 자주 사용하는 단축키들 정리해둡니다. 개인적으로 Tab 계통(History, Fuzz, Sites, Scripts 등)은 3키 이상 눌러야 하기 때문에 대다수가 1-2 키 구성입니다. (물론 탭들도 쉽게 적용하는…
How Human Security Testing Helps the U.S. Government’s Zero Trust Mandate
One major reason for the progress is a May 2021 Executive Order that pushes federal agencies to speedily embrace the “never trust; always verify” cybersecurity…