The GitLab bug bounty program is so cool that they hold AMAs with their top hackers. In this playlist on YouTube, you can hear from great hunters covered on my channel like Alex Chapman, William Bowling and Johan Carlsson. It’s always worth hearing what these guys have in...
#32
Salesforce SOQL injection resources
Jason Haddix asked on Twitter for some tips about SOQL injection in Salesforce and there are some great resources linked there. I haven’t been hacking Salesforce for a while now but I remember from my pentesting days that it’s been an absolute mess so I want to have...
SVG cheatsheet
Allan Wirth created a cheat sheet with possible things you can try when working with SVG files. Importantly, XSS isn’t the most you can do with it because sometimes, the server processes the file and then it may be susceptible to SSRFs, LFIs and even RCEs....
Web3 Learning Corner #7 – the hourly rate of a top smart contract auditor
Capture the Ether: On Capture the Ether, I did two tasks: Token Sale and Token whale. Both of them were about over/underflows, which is no longer the case in later versions of Solidity, but I still think it’s good to have these fundamentals. How The Opyn Ethereum Contract was...
Escalating admin access to RCEs in common software
Awesome RCE techniques is a repository that includes ways to escalate account takeovers to RCEs in systems like WordPress, Drupal or Jenkins. They are not zero-days or some new attack techniques but they can often make your report a higher severity....
Bypassing client-side XSS filters
Bypassing filters is one of my favourite things in security. I like to find bugs where developers don’t expect them, but it gives me even more satisfaction when I find a bug which the developer tried to prevent, for example, by implementing a client-side XSS filter....