JWT audience claim is not verified
Internet Bug Bounty disclosed a bug submitted by farcaller: https://hackerone.com/reports/1889161 – Bounty: $8000 Source link
Category: Mix
Burp Suite certification prices hacked for Black Friday | Blog
Emma Stocks | 17 November 2021 at 16:13 UTC For the very first time, we’ve decided to join the rest of the world and run…
localStorage + getter = Prototype Pollution
오늘은 Prototype Pollution에 대한 이야기를 잠깐 하려고 합니다. 다름이 아니라 @garethheyes가 아래와 같은 내용의 트윗을 올렸었습니다. 정리하면 localStorage 에서 getter를 사용하는 경우, 즉 직접 접근해서…
Changes to Disclosure Assistance | HackerOne
HackerOne is excited to announce the revamp of our Disclosure Assistance program! Our goal is to reset expectations and realign with the hacker community. As…
Better attack surface filtering and subdomain discovery
TL/DR: We’ve shipped a few new filters to the attack surface page to help security teams easily manage their rapidly expanding attack surface. We’ve also…
The Hierarchy of Content – Daniel Miessler
How vulnerable is your content to replacement by AI? Created/Updated: April 16, 2023 Humans are creative. It’s one of the things that separates us from…
How to choose and care for a secure open source project
A few tricks for assessing the security of an open source project. There is a rather progressive sect of the software development world that believes…
CVE-2023-25692: Apache Airflow Google Provider: Google Cloud Sql Provider Denial Of Service and Remote Command Execution
Internet Bug Bounty disclosed a bug submitted by sw0rd1ight: https://hackerone.com/reports/1895316 – Bounty: $480 Source link
The mystery of the missing Mac release | Blog
Dafydd Stuttard | 02 December 2021 at 16:23 UTC Burp Suite Sherlock Holmes Some eagle-eyed users of Burp Suite have noticed that there is no…
ZAP 2.12 살펴보기 ⚡️
드디어 ZAP 2.12 버전이 릴리즈되었습니다. 🎉👏🏼🍾 10월 중순쯤에 릴리즈 예정이였지만, 이슈로 약간 늦어졌다고 하네요. 오늘은 ZAP 2.12 버전에서 바뀐 내용들을 리뷰해보도록 하겠습니다. 그럼 시작하죠. UI…
Brand Ambassador Announcement | HackerOne
2022 just came to an end. We hope you found plenty of bugs, collected a lot in bounties, and are ready to set goals for…
Busting browser fails: What attackers see when they hack your employees’ browser
The web browser is probably the most used application on your computer. It’s used for basically everything from checking email, communicating via social media, video…