What’s the most profitable bug bounty Michael has reported?
What’s the most profitable bug bounty Michael has reported? Source link
Read more →Category: Mix
Training XSS Muscles – Brute XSS
XSS is all about practice. It requires a lot of time to print in the mind all vectors, payloads and...
Read more →
NahamCon – Trash the Cache Write-up (Web 1000)
I recently participated in the NahamCon CTF with the team Hacking for Soju. I was unable to complete this challenge...
Read more →My paper to-do strategy | victoria.dev
Simplify your task management strategy with my favorite hardware: paper. Coding up a to-do app may be the Hello, World...
Read more →
Alfred WebApp Payloads Demo (XSS & Reverse Shell Payloads!)
Alfred WebApp Payloads Demo (XSS & Reverse Shell Payloads!) Source link
Read more →
Information Security News Resources
A centralized way to consume your information security news, with a focus on web application security. Save time and effort,...
Read more →
Exploiting Hardcoded Keys to achieve RCE in Yellowfin BI – Assetnote
At Assetnote, we often audit enterprise software source code to discover pre-authentication vulnerabilities. Yellowfin BI had significance to us because...
Read more →
Your Java builds might break starting January 13th (if you haven’t yet switched repo access to HTTPS) – Alphabot Security
Summary This blog post is a reminder that you should make sure that all your builds in the Java ecosystem...
Read more →
an Out-of-Band DNS Monitor – allysonomalley.com
I’ve been working on a few small projects while learning Go, and this one turned out to be useful enough...
Read more →
Container security: Privilege escalation bug patched in Docker Engine
Adam Bannister 09 February 2021 at 12:47 UTC Updated: 09 February 2021 at 12:59 UTC ‘An odd one, impact wise’...
Read more →AMF parsing and XXE | Agarri : Sécurité informatique offensive
AMF parsing and XXE I recently played with two libraries parsing the AMF (aka Action Message Format) binary format: BlazeDS...
Read more →
2022 Year-End API ThreatStats™ Report
In 2022, the Wallarm Threat Research team went through almost 350,000 reports to find 650 API-specific vulnerabilities, and tracked 115...
Read more →