Does Cybersecurity Require Programming?
Does Cybersecurity Require Programming? Source link
Category: Mix
UMBC Cyberdawgs CTF: The Hacker One
UMBC Cyberdawgs CTF: The Hacker One Source link
Bypassing a WAF by Finding the Origin IP
Bypassing a WAF by Finding the Origin IP Source link
Attacking Language Server JSON RPC
Attacking Language Server JSON RPC Source link
Hacking CI/CD (Basic Pipeline Poisoning)
Hacking CI/CD (Basic Pipeline Poisoning) Source link
ToolTime – Cloud Recon 1
ToolTime – Cloud Recon 1 Source link
Framing, Part 1: Click-Jacking Etsy – Jack
Back in October, I found a couple of issues in Etsy, which when combined could be used in a click-jacking attack. Incorrect Error Handling Pretty…
Bug bounty and the EU Cyber Resilience Act – everything you need to know
The EU Cyber Resilience Act aims to protect Europe from increasingly sophisticated cyber-threats. The first quarter of 2023 has seen significant cybersecurity legislation coming out…
limited freemarker ssti to arbitrary liql query and manage lithium cms | by mert tasci | Mar, 2023
we faced (w/ @celalerdik) an interesting ssti vulnerability on a bugcrowd’s program. we could show the traditional 49’ number when trying the ‘${7*7}’ command, also…
Advent of Cyber 2022: Day 16 SQLi’s the king, the carolers sing (Walkthrough)
Advent of Cyber 2022: Day 16 SQLi’s the king, the carolers sing (Walkthrough) Source link
How They Got Hacked Episode Fifty Eight 58
How They Got Hacked Episode Fifty Eight 58 Source link
yet another Bug Bounty Reconnaissance Framework – honoki
An example use case of bbrf, here integrating with subfinder from projectdiscovery.io Like anyone involved in bug bounty hunting, I have encountered a number of…