HACKING GOOGLE is a video series on YouTube from Google about Google’s security - what teams they have, what they are doing, and what their responsibilities are. It’s really nicely filmed and edited - without question, by a professional filmmaker. Don’t, however,...
#39
Preparing a resume
Shawn Thomas, Director of Forensics and IR at Yahoo!, created a thread about preparing a resume. Among other tips, he recommends that you put things like labs, side projects, CTFs, and similar if you have no practical experience relevant to the job. I believe that’s one...
A tool for Nginx bugs and misconfigs
Nginxpwner is a simple tool to look for common Nginx misconfigurations and vulnerabilities. I’m happy to see it because I’m quite bad with all the bugs having to do with reverse proxies, and Nginx is one of the most popular ones. https://github.com/stark0de/nginxpwner
Submitting High Quality Bug Bounty Reports – Tips from Behind the Curtain
Roy Davis is a security researcher and engineer with 20 years of pentesting and programming experience. He’s now managing Zoom’s bug bounty program and has some things to share with us about the bug bounty report lifecycle in a talk called “Submitting High Quality Bug...
Hiding parameters from ModSecurity WAF
There are more interesting WAF bypasses that were discovered during the 1337up0522 live hacking event. This time, by terjanq, who came back from a CTF retirement for a few hours and smashed the hardest web challenges on SEKAI CTF that I’ve played with JustCatTheFish....
RFC-induced SSRF
Sometimes, we see an absolute URI in the first request line. I saw this trick being used a few times. For example, when exploiting request smuggling. It then sends the request to your server and not the one from the Host header. I never thought about why it works and...
The hardest CTF task I’ve ever done
Last week, I published a video about a crazy task from a CTF that we’ve solved. “We” being me and the JustCatTheFish team, with which I play as a guest. Tasks on a real, ranked CTF were really hard, but that just makes solving one more satisfying. This challenge involved two...
Setup for testing authorization bugs
Authorization testing is one of the security classes I rather dislike because it involves doing the same thing many times, hoping that one time it will work. Often, it’s very time-consuming. However, over the years, I became more effective with it. Today, I will share...