eBay is port scanning visitors to their website – and they aren’t the only ones
There’s a story going around the internet about eBay port scanning its visitors without any permission or even indication that it’s happening (without digging into…
A 60-second argument and example showing that GPTs and LLMs are capable of true understanding. Created/Updated: March 14, 2023. There are many who don’t see…
Why do you Duplicate so much with Bug Bounties?
What’s the most profitable bug bounty Michael has reported?
XSS is all about practice. It requires a lot of time to print in the mind all vectors, payloads and tricks at our disposal. There…
I recently participated in the NahamCon CTF with the team Hacking for Soju. I was unable to complete this challenge before the end of the…
Simplify your task management strategy with my favorite hardware: paper. Coding up a to-do app may be the Hello, World of every framework, but when…
Alfred WebApp Payloads Demo (XSS & Reverse Shell Payloads!)
A centralized way to consume your information security news, with a focus on web application security. Save time and effort, because keeping up-to-date shouldn’t be…
At Assetnote, we often audit enterprise software source code to discover pre-authentication vulnerabilities. Yellowfin BI had significance to us because it is a popular analytics…
Summary: This blog post is a reminder that you should make sure that all your builds in the Java ecosystem access the artifact repositories (e.g.…
I’ve been working on a few small projects while learning Go, and this one turned out to be useful enough that I thought I’d go…