#7

Why you should fail more?

Mark Rober, a Youtuber with a slightly bigger audience than me (19 million subs, only 19 million more than me) made an experiment. He gave his audience the simple coding challenge to lead the car from the start to the finish using code blocks. This doesn't matter...

How to identify an unknown secret?

pywhat is a python script that can identify what string you gave him. It's useful when you find some secret in JS or in a mobile application and you don't know did you find. Of course, it won't help with completely random secrets but it will be useful for...

The book of secret knowledge

This GitHub repo contains a mass of links and resources from the security world. Everything in one place. For us, the most interesting chapter is of course Hacking/Penetration Testing and specifically: Pentesters arsenal tools - you will definitely find here some...

Collaborating in bounties

Have you ever wondered if collaborating on bounties is right when you are a beginner? If yes then there's a good article by zseano. He interviewed 4 hackers from his BugBountyHunt3r platform that started collaborating together. They were able to find 25...

Browsing files from your VPS using Visual Studio Code

Many hackers use VPS a lot. VPS stands for virtual private server and it's basically a machine somewhere in the cloud that you control. Some benefits from using them are that you don't need to install all hacking tools on your personal machine and if your IP...

DNS takeover vulnerability

Standard subdomain takeovers are done using dangling CNAME records. This type of vulnerability is so popular that it's highly automated by now. However, it's not the only type of subdomain takeover. There's also a subdomain takeover that relies on leftover...