내가 좋아할 만한 콘텐츠
The results are in! We're proud to announce the Top 10 Web Hacking Techniques of 2023! portswigger.net/research/top-1…
portswigger.net
Top 10 web hacking techniques of 2023
Welcome to the Top 10 Web Hacking Techniques of 2023, the 17th edition of our annual community-powered effort to identify the most innovative must-read web security research published in the last year
Google(Chromium) suddenly decided to pay me for a UI Spoofing bug reported 3 years that had been idle, and from reward potential to no potential to potential. Ok thanks?
The results are in! We're proud to announce the Top 10 Web Hacking Techniques of 2022! portswigger.net/research/top-1…
portswigger.net
Top 10 web hacking techniques of 2022
Welcome to the Top 10 Web Hacking Techniques of 2022, the 16th edition of our annual community-powered effort to identify the most important and innovative web security research published in the last
This #privacy audit looks like the first LeaveHomeSafe #pentest ever, way below commercial apps: Broken SSL validation, SD Card Leaks, 2FA Logic bypass, Screenshot leaks, several Face Recognition artifacts, etc. 7asecurity.com/blog/2022/07/l…
Serious vulnerabilities have been found in the Hong Kong government's LeaveHomeSafe COVID-19 app. @7aSecurity recently conducted a security audit that discovered numerous flaws that allow interception of the LeaveHomeSafe app and its backend servers. opentech.fund/news/7asecurit…
Confirmed! Masato Kinugawa demonstrated a 3-bug chain of injection, misconfiguration and sandbox escape on Microsoft Teams to earn $150K and 15 Master of Pwn points.
New writing about the story of 3 bug bounty reports in which I chain low severity bugs together for higher impact and less known browser tricks. Includes CSS injection, Self-XSS, Drag-Drop XSS, Cookie Bomb, Login-Logout-CSRF, and more... medium.com/@renwa/the-und…
After 5 years of work, security.txt is officially an RFC. I am pleased to announce RFC 9116: rfc-editor.org/rfc/rfc9116. I would like to use this opportunity to thank those who made this possible. Thank you. ❤️
We found a way to spoof ENS domains and were awarded a $15k bug bounty by @ensdomains 👇Check out the write-up medium.com/@hacxyk/how-we…
The results are in! We're proud to announce the Top 10 Web Hacking Techniques of 2021! portswigger.net/research/top-1…
portswigger.net
Top 10 web hacking techniques of 2021
Welcome to the Top 10 (new) Web Hacking Techniques of 2021, the latest iteration of our annual community-powered effort to identify the most significant web security research released in the last year
New blog post: "What Bypassing Razer's DOM-based XSS Patch Can Teach Us" — edoverflow.com/2022/bypassing….
Also function solve(obj, property){ if(typeof obj != 'function') { obj(property).innerHTML = '<img src=1 onerror="alert(`You win`)">'; } else { alert('You must try harder than that.'); } }
I've been meaning to create a blog for some time now, and I finally did it! For its first post I wrote about a vulnerability that allowed an attacker to leak the full URL of cross-origin redirects on Google Chrome, check it out! blog.lbherrera.me/posts/appcache…
blog.lbherrera.me
AppCache's forgotten tales
Leveraging AppCache's network section to leak the complete URL of cross-origin redirects.
‘Soft skills are the most under-researched area of the bug bounty industry’ – ‘Reconless’ YouTubers (@0xReconless ) on filling a gap in infosec education portswigger.net/daily-swig/sof…
The top 10 web hacking techniques of 2020, by @albinowax with help from @filedescriptor, @irsdl, @Agarri_FR and the entire community portswigger.net/research/top-1…
Untrusted Types just got a new UI with better filtering options and features thanks to @ThomasOrlita! Check it out! github.com/filedescriptor…
I have made a video to demonstrate how we can automate permission checks using my GitLab project "OpenAPI Security Scanner". Check it out! youtu.be/K65e5QRQ1tc Video editor: @wacms666
youtube.com
YouTube
Automating Permission Checks Using OpenAPI Security Scanner?
United States 트렌드
- 1. Branch 37.6K posts
- 2. Chiefs 112K posts
- 3. Red Cross 55.7K posts
- 4. #njkopw 9,309 posts
- 5. Lions 89.9K posts
- 6. Exceeded 5,878 posts
- 7. Binance DEX 5,171 posts
- 8. rod wave 1,697 posts
- 9. Mahomes 34.9K posts
- 10. Air Force One 58.8K posts
- 11. Eitan Mor 18.3K posts
- 12. #LaGranjaVIP 83.8K posts
- 13. #LoveCabin 1,397 posts
- 14. Ziv Berman 21.4K posts
- 15. #TNABoundForGlory 60.2K posts
- 16. Knesset 16.1K posts
- 17. Alon Ohel 18.8K posts
- 18. Tel Aviv 60.7K posts
- 19. Matan Angrest 16.8K posts
- 20. Omri Miran 16.8K posts
내가 좋아할 만한 콘텐츠
-
Frans Rosén
@fransrosen -
James Kettle
@albinowax -
publiclyDisclosed
@disclosedh1 -
Brett Buerhaus
@bbuerhaus -
Brute Logic
@BRuteLogic -
Gareth Heyes \u2028
@garethheyes -
Geekboy
@emgeekboy -
Th3g3nt3lman
@Th3G3nt3lman -
Orange Tsai 🍊
@orange_8361 -
Nicolas Grégoire
@Agarri_FR -
todayisnew
@codecancare -
Yassine Aboukir 🐐
@Yassineaboukir -
Joel Margolis (teknogeek)
@0xteknogeek -
Julien | MrTuxracer 🇪🇺
@MrTuxracer -
Tanner
@itscachemoney
Something went wrong.
Something went wrong.