![[tl;dr sec] #168 - GCP and Azure Storage Threat Models, macOS Security, Red Team Resources](https://cybernoz.com/wp-content/uploads/2023/04/tldr-sec-168-GCP-and-Azure-Storage-Threat-Models-scaled.jpg "[tl;dr sec] #168 - GCP and Azure Storage Threat Models, macOS Security, Red Team Resources 1")
[tl;dr sec] #168 – GCP and Azure Storage Threat Models, macOS Security, Red Team Resources
Hey there, I hope you’ve been doing well! Semgrep in EU I was a bit sleepy when I was finishing...
Read more →Category: Mix
A Pentesters Introduction To The New OWASP API Top 10 – 2023 RC
A Pentesters Introduction To The New OWASP API Top 10 – 2023 RC Source link
Read more →![[www.32red.com] Reverse proxy misconfiguration leads to 1-click account takeover](https://cybernoz.com/wp-content/uploads/2023/04/www32redcom-Reverse-proxy-misconfiguration-leads-to-1-click-account-takeover.png "[www.32red.com] Reverse proxy misconfiguration leads to 1-click account takeover 6")
[www.32red.com] Reverse proxy misconfiguration leads to 1-click account takeover
Kindred Group disclosed a bug submitted by sw33tlie: https://hackerone.com/reports/1632973 – Bounty: $5250 Source link
Read more →
Answering your questions about Superbacked
Answering your questions about Superbacked Source link
Read more →
New features means new bugs. Sometimes new features designed to… | by Sean (zseano)
Sometimes new features designed to generate revenue for a company can be rushed and sometimes not enough thought has gone...
Read more →
Persistent XSS (Unvalidated oEmbed) at Medium.com | by Jonathan Bouman
Proof of concept Are you aware of any (private) bug bounty programs? I would love to get an invite. Please...
Read more →
5 Tips Bug Bounty Programs *Want* You to Know About | by d0nut
This is the only good CC0 image I could find If you’re not aware, I joined Dropbox’s security team last...
Read more →
Q: PENTEST VS BUGBOUNTY? (Bounty Thursday’s – ON AIR)
Q: PENTEST VS BUGBOUNTY? (Bounty Thursday’s – ON AIR) Source link
Read more →
ROP and Roll: EXP-301 Offensive Security Exploit Developer (OSED) Review and Exam
The Windows User Mode Exploit Development (EXP-301) course and the accompanying Offensive Security Exploit Developer (OSED) certification is the last...
Read more →
Exploiting Markdown Syntax and Telescope Persistent XSS through Markdown (CVE-2014-5144)
Exploiting Markdown Syntax Markdown is wonderful. In fact, this blog post itself is written in Markdown. I don’t need to...
Read more →
Bypassing Apple’s iOS 10 Restrictions Settings – Twice
By default, Apple has a feature that allows all of their iOS devices to be assigned restrictions, so that employees and mostly...
Read more →