The biggest positive of bug bounty is that you can do it from anywhere in the world. You don't need a contract or anything. However, the other side of this coin is that you just have to trust that the bug bounty program will do the right thing. Often, they...
#53
Where to start AI hacking?
I’ll admit that I have a strange feeling of relief because of the current AI hype. I have wanted to learn something new for a long time now. There was Web3 for a while, but it didn’t convince me as a user. I saw the huge bounties, I saw the success of Gary V and I thought...
Hackers are Shifting Left, Too – Spaceraccoonsec
Shift left is the trend where developers introduce security checks as early as possible in the development lifecycle. Along with some other factors, it makes the software more secure. However, every time you introduce any component to the pipeline, you also introduce...
ReconAIzer – Optimize your recon with GPT
ReconAIzer is a Burp extension that allows you to optimize recon by asking GPT to suggest things to do. I have yet to test it, but I surely will! https://github.com/hisxo/ReconAIzer
Ultimate 401 and 403 bypass methods
Klaudia from Vidoc Security wrote a blog post about various ways to bypass 401 or 403 status codes. I didn't know all of them. For example, I didn't know that in Spring Framework < 5.3, if you map your route to /admin, by default it will also be mapped to...
XSS attacks via Content sniffing
In short, content sniffing is a bug that causes the browser to interpret a response without a content-type header as HTML. This vulnerability can be exploited to smuggle XSS payloads in files like images. I was aware of this issue and had found a few XSS...
Good Web Security course for beginners
People often ask me for recommendations on a good introductory web security book or resource. While I learned from the legendary “Web Application Hacker's Handbook”, it was already out-of-date by 2017, so I hesitate to recommend it today. A course from Stanford...