The Best Bug Bounty Recon Methodology
My first introduction to reconnaissance was Jason Haddix’s Bug Bounty Hunters Methodology. It’s the de facto standard and is still updated every year. There are…
Category: Mix
Pre Auth Remote Command Execution (CVE-2022-36804) – Assetnote
Often when performing application security research, we come across other researchers who have found critical vulnerabilities in software that can inspire us to dig deeper…
Misconfigured JSF ViewStates can lead to severe RCE vulnerabilities
tl;dr ViewStates in JSF are serialized Java objects. If the used JSF implementation in a web application is not configured to encrypt the ViewState the…
Seguridad de iOS – Web View XSS – allysonomalley.com
Esta entrada se trata de una vulnerabilidad sencilla, pero peligrosa, que he visto en varias ocasiones. Creo que esta falla debería ser mas conocida –…
community/KCSA-CVE-2020-28914.md at main · kata-containers/community · GitHub
announcement-date: 2020-11-17 id: KCSA-CVE-2020-28914 title: Kata Containers Improper file permissions for read-only volumes description: An improper file permissions vulnerability affects Kata Containers prior to 1.11.5.…
Exploiting WPAD with Burp Suite and the “HTTP Injector” extension | Agarri : Sécurité informatique offensive
Exploiting WPAD with Burp Suite and the “HTTP Injector” extension I went last week to the ASFWS conference (“Application Security Forum – Western Switzerland”) at…
Insights into the New OWASP API Security Top-10 for CISOs
ICYMI, we recently presented A CISOs Guide to the New 2023 OWASP API Security Update. In this first of two planned webinars, Stepan Ilyin and…
Launching an InfoSec Career: My six essential tips | Security Simplified
Launching an InfoSec Career: My six essential tips | Security Simplified Source link
Bug Bounties With Bash – VirSecCon2020 Talk
Bug Bounties With Bash – VirSecCon2020 Talk Source link
[tl;dr sec] #174 – Mitigating SSRF in 2023, Isolation & Container Namespaces, Offensive AI Compilation
Hey there, I hope you’ve been doing well! Lift-ed Spirits Despite living within a few hour drive of Tahoe for over a decade, I’d never…
Linus Tech Tips Got HACKED! :o
Linus Tech Tips Got HACKED! 😮 Source link
HackerOne
Uber disclosed a bug submitted by zhero_: https://hackerone.com/reports/1790444 – Bounty: $650 Source link