PortSwigger’s Web Security Academy now has a section on Web LLM attacks. I’m always saying it’s a great resource and I’ll definitely do these labs soon. https://portswigger.net/web-security/llm-attacks
#69
37C3 – Breaking “DRM” in Polish trains
This talk isn’t about bug bounty. It isn’t even about the web. But it’s such a cool hacking story. In short, some trains in Poland were suspiciously not working properly, and the company that was using them hired hackers from the Dragon Sector CTF team. They reversed...
An overview of SnakeYAML deserialization vulnerabilities
If you are curious about what writing a CVE exploit looks like, this blog post describes the process really well. It covers not only the exploit itself but all the preceding steps too, like setting up the environment. More specifically, it’s about the CVE-2022-1471 YAML...
Top 10 web hacking techniques of 2023 – the voting is on!
The voting for the 2023 Top 10 web hacking techniques has started, so go ahead and cast your vote. Also, the list of nominated articles is quite a good list of 2023 posts you should read. https://portswigger.net/polls/top-10-web-hacking-techniques-2023
Such a cool self-XSS → ATO on Yelp
This report is awesome. It exploits the cookie bridge functionality that allows users to stay signed in on websites in different domains. It also shows how to juggle multiple tabs when you have a self-XSS to turn it into an ATO. https://hackerone.com/reports/2089042
Migrating my JS Monitoring script to AWS
A few weeks ago, in issue 66, I showed you a Python script that implements Justin Gardner’s approach to monitoring JS files. Then, in issue 68, I shared my notes from Gunnar’s presentation about serverless. In this issue, I will combine the two and I will migrate my...
Reversing and Tooling a Signed Request Hash in Obfuscated JavaScript
I think every one of us is annoyed by obfuscated JavaScript once in a while. That’s because we know we can eventually reverse everything that’s client-side, but it’s time-consuming and not fun. In this blog post, Brett Bauerhaus described not only how he manually...
How to use Burp’s Bambda mode? +examples
The search functionality in a tool like an HTTP proxy is one of the most important ones. Burp recently added the Bambda mode to filter requests using code. I’ve seen some people on Twitter praising this functionality. Thus, I took a look at the documentation and I...