import alignment: A Library-based Approach to AI Alignment
What if we could send AI a message as soon as it wakes up? Created/Updated: April 3, 2023 There is much being said right now…
Category: Mix
Your cybersecurity starter pack | victoria.dev
Basic security best practices to share with your non-technical friend. Readers of my blog typically know more about technology and cybersecurity than most people. This…
Nahamsec interviews Albinowax
Note that during these interviews I also moderate thus quality may vary. Profile 🐝 Head of research at Portswigger University computer science Bug bounty Pentester…
The Hidden Gems Of The Burp Suite Settings [April 2023 version]
The Hidden Gems Of The Burp Suite Settings [April 2023 version] Source link
A malicious actor could rotate tokens of a victim, given that he knows the victim’s token ID
Cloudflare Public Bug Bounty disclosed a bug submitted by esx: https://hackerone.com/reports/1525309 – Bounty: $2700 Source link
Low-Hanging Apples: Hunting Credentials and Secrets in iOS Apps
Diving straight into reverse-engineering iOS apps can be daunting and time-consuming. While wading into the binary can pay off greatly in the long run, it’s…
Thotcon 2016 – Abusing Linux Trust Relationships
Slides Supplemental Demo Video: Source link
Finding client-side prototype pollution with DOM Invader | Blog
Gareth Heyes | 20 June 2022 at 12:37 UTC Last year we made it significantly easier to find DOM XSS, when we introduced a brand…
Web API Security
Introduction Web API는 웹에서 사용 또는 웹을 기반으로 사용되는 API를 의미합니다. 기본적으로 웹에서 사용되는 API라고 알려져 있지만 모바일, IoT 등 다른 디바이스나 플랫폼에서도 Web을 기반으로…
Ten Practical Tips For High-Value Pentest Engagements
Many organizations see penetration testing as an annual, obligatory exercise to check the compliance box and move on. As a result, these companies rarely get…
On-platform GitHub Reconnaissance – EdOverflow
Note: Please keep in mind, that all of this does not work if you are not signed in to GitHub. When searching for issues related…
More improvements to Attack Surface Custom Policies
Tl;dr We’ve made a few improvements to Attack Surface Custom Policies, such as viewing alerts more easily and deleting custom policies. We’ve also made a…