The Story of the Million Dollar Bounty
On the evening of January 30th, I checked my phone one last time before going to bed as we millennials do to simulate waking up…
Approaching a target to hack can feel like climbing a mountain. You may face large scopes, confusing applications, complex user hierarchies…the list goes on. The…
More flexibility when viewing all of your assets Many security teams have thousands – if not hundreds of thousands! – of known assets and unknown…
PathLib is available on NuGet and its source can be found on GitHub Why a library for paths? Paths are commonly used in programming, from…
We can’t curmudgeon users into being safer online Created/Updated: March 20, 2023 I want to call out our community for a second on AI. And…
Fundamentals of Bug Bounty Recon
Bugcrowd Security Flash – Microsoft TCP/IP Vulnerability: What You Need To Know
$3,133.70 XSS in golang’s net/html library – My first Google bug bounty
How leaders can get to where the work happens and take part in business decisions on GitHub. As I write this, the front page of…
Interview note that during these interviews I also moderate so quality may vary. Profile Eric Had great teachers in high school No college No certificates…
Summary Jira Core & Jira Service Desk are vulnerable to server-side request forgery after authenticating. In some cases, it is possible to leverage open sign…
This post is part 3 of a series giving an overview of the most useful iOS app pentesting tools. ‘Frida’ is a dynamic instrumentation tool…