Hackers don't wait, why should we? SANS 2025 Attack Surface & Vulnerability Management Survey - We Need Your Voice! survey.sans.org/jfe/form/SV_...
Old school CSS escape room!
csscape-room.iamdanielmarino.com
That was fun. Took about 10 minutes of clicking around. Last two I brute-forced :) Thanks for sharing.
For instance, if your Slack workspace blocks example[.]com, share a link with an explicit port left-padded with enough zeroes, e.g. httpx//:example[.]com:000443, and your link will be unfurled.
Admittedly not much of a security impact; just broken functionality.
youtu.be/uI0JrHkLAXA
2/2
Respect!
I couldn't help myself doing a kiosk escape, considering the entire table is a touch-screen menu.
The most fun time of the year is not Christmas! It's our hacker spaces youtu.be/u6DdqrmylZQ
We're looking for passionate cybersecurity professionals, both junior and senior roles, to join our remote pentesting team. There is a hacking challenge below... Does this sound enticing? Message me.
209.38.109.251 (Reach out if you need hints)
Coaching a CTF team was one of last year's highlights. I hope I get to do it again. www.htx.gov.sg/whats-happen...
In this podcast I am discussing things like how penetration testing is changing, modern penetration testing methodology, and more. www.youtube.com/watch?v=kRwG...
In case the post gets taken down, here is a screenshot.
ORM vs Raw SQL queries - Careful Either Way - www.nodejs-security.com/blog/raw-sql...
The results are in! We're proud to announce the Top 10 Web Hacking Techniques of 2024! portswigger.net/research/top...
Very cool write-up on a deanonymizing attack using Cloudflare's Cache - gist.github.com/hackermondev...
Credential stuffing - no advanced hacking skills needed. A short 6-minute video to explain the concept: www.youtube.com/watch?v=1BTF...
I'm not sure which is more frustrating: interacting with a support system run by an LLM or dealing with technicians who seem to rely solely on predefined playbooks without critical thinking...
Keeping free open-source software maintained is often an unrewarding and unrecognized effort. Thank you!
Setting up an unmarked malicious cable and it comes with a warning: "Do Not Eat"... Wow
Feel like Santa Claus. Bug bounty on Christmas Eve. An IDOR which at first seemed impossible to enumerate, but once I reduced the JSON object to the least parameters that would still make the request work, I found two enumerable values which ended up in a nice vulnerability. Happy holidays!
Honey, the browser plugin with godmode over your browser activity, was found to rewrite affiliate links. Keep your browsers clean, all; you use them for too much important stuff. www.youtube.com/watch?v=vc4y...
I don't particularly enjoy questions like these, but then again, how would you answer it? I'd say: "Start with a problem, and what you want to achieve. Seek the answers by firmly understanding the problem and the technology you operate."
FBI PSA: some good tips on protecting against threat actors using AI against us. My favorite is to have a secret passphrase between family members to validate that one another is not AI. www.ic3.gov/PSA/2024/PSA...
Hi Matt, nice to meet you
It was a Commodore 64, but what happened after was truly amazing times.
A common question (or rather, statement) I often hear from everyday users is, "Clearly, my phone is listening to everything I say; I keep getting targeted ads based on my conversations." Well, they are listening, just not in the way most people think. The EFF breaks it down for us here:
Great Turkish restaurant that is, absolutely love it myself.
Ever since the Gen AI revolution started I've found myself more and more skeptical about any and all content I read. Even direct messages with people sometimes make me raise an eyebrow.
Intentionally vague post:
If you've pentested an org and they later have "an incident," I recommend you don't write speculative blog posts about how you think it maybe went down.