#10

Hotspots

Today, many of us are in a constant rush and with more to do than time for it. Many things are postponed to "when we finish X" which never comes because life always gives us new duties. We have so much to do that we have no time to think about what we should...

CodeQL and bugs in NSA’s application

Let's come back to the subject of source code review and CodeQL. CodeQL is a source code analysis tool that does more than just grepping the code for patterns. It runs a semantic analysis - it understands the code just like a compiler or interpreter. CodeQL tries...

Mistakes pentesters do in bug bounty

One more article from hakluke today: "HOW TO SUCCEED IN BUG BOUNTIES AS A PENTESTER". I like this one in particular. Why? Because I was in the exact same spot in 2019 as hakluke mentions in the article. I had 1 year of experience in pentesting, I could do a...

10 tips for beginner bug bounty hunters

Here are 10 tips from hakluke for crushing bug bounty in your first year. Watch the video here or read my notes here if you prefer. First, starting from nothing is hard. Even if you are coming from a security background, eg you were a pentester. Unlike in the video,...

Finding bugs in regexes, even if you don’t know them well

Incorrect fixes for bugs often originate from badly written regular expressions. Regexes are not as hard as they seem at the beginning but they are also not easy to read and definitely not easy to write. Where are they used? In many places, for example when trying to...

Cross-site WebSocket hijacking

WebSockets are an asynchronous way of communication between the browser and the server. It's the perfect fit for any live functionalities like chats or live statistics. From my experience, developers are often unaware of the risks associated with using WebSockets....

All you need to know about reverse proxies

Almost all applications these days use some kind of reverse proxy. The more components, the more vulnerabilities and reverse proxies are not an exception. Whereas there are many benefits of using them, vulnerabilities like request smuggling, cache poisoning or...

How to do Code Review and where to find the code?

Shubs has a really good presentation on the OWASP DevSlop YouTube channel about reviewing the source code. Importantly, he also dedicated some time to tell us where to even find source code if we are auditing something that's not open source. As he says, often...