DAST in staging issues – Detectify Blog
TL;DR: There is a common belief that when it comes to uncovering bugs in the DevSecOps cycle, catching things early on is often better. While…
Category: Mix
Turkey Chili Recipe – nem.ec
I began with the following NY Times recipe, but modified it a lot for my tastes and ingredients I could find at the store. https://cooking.nytimes.com/recipes/1017160-texas-style-chili…
Response Shaping: How to Move from AI “Prompts” to AI Whispering
How to get consistently high-quality results from the AIs you interact with Created/Updated: March 20, 2023 Interacting with AI just became a critical skill. In…
Hacking on Bug Bounties for a Living
Hacking on Bug Bounties for a Living Source link
What is bug bounty?
What is bug bounty? Source link
How do companies respond to 0days in 3rd party software?
How do companies respond to 0days in 3rd party software? Source link
There are better options for a privacy-respecting phone
Meet the new, better Apple. Here’s how to choose your phone and set it up. Whether you think the news of Apple scanning your private…
The Mr Robot “Hack Twitch” video
The Mr Robot “Hack Twitch” video Source link
The Best Bug Bounty Recon Methodology
My first introduction to reconnaissance was Jason Haddix’s Bug Bounty Hunters Methodology. It’s the de facto standard and is still updated every year. There are…
Pre Auth Remote Command Execution (CVE-2022-36804) – Assetnote
Often when performing application security research, we come across other researchers who have found critical vulnerabilities in software that can inspire us to dig deeper…
Misconfigured JSF ViewStates can lead to severe RCE vulnerabilities
tl;dr ViewStates in JSF are serialized Java objects. If the used JSF implementation in a web application is not configured to encrypt the ViewState the…
Seguridad de iOS – Web View XSS – allysonomalley.com
Esta entrada se trata de una vulnerabilidad sencilla, pero peligrosa, que he visto en varias ocasiones. Creo que esta falla debería ser mas conocida –…