If you are into mobile hacking, you should definitely check out issues 7 and 9 of Jason Haddix’s Executive Offense newsletter. He shares a lot of mobile testing tools, and the 9th issue even includes an interview with Joel Margolis....
#70
A Recipe for Scaling Security from Google
I am passionate about finding bugs and, since you are reading this, you probably are, too. However, the truth is that on the scale of a huge company, fixing one bug is only one of a thousand steps that you would have to take to be secure. To take bigger steps than one...
cvemap from ProjectDiscovery
How many CVEs do you think were issued last year? 100? 1,000? 10,000? No, 24,804. Or 68 per day. It means “a” CVE doesn’t mean much. We need to find “the” CVE. The cvemap from ProjectDiscovery is there to help us. It indexes CVEs along with attributes like the...
Popping WordPress Plugins – Methodology Brain dump
If you are into hacking WordPress plugins, you must listen to this episode of the Critical Thinking bug bounty podcast! Ram shares a lot of unintuitive traps that await developers and tricks we can use to exploit them. After listening to the podcast, you can...
Forging signed commits on GitHub
I find reports like this one very satisfying. In short, in GitHub’s commit signing flow, there were two different components and one of them extracted the email of the author regardless of whether there was a username while the regex in another component only accepted...
ChatGPT Account Takeover – Wildcard Web Cache Deception
It might not be the first time I’m writing this, but every time I read a cache deception writeup, I feel like I should be paying more attention to this bug class. Because, for example, Harel found a ChatGPT account takeover by forcing the server to cache the victim’s...
Useful tricks to debug an app inside docker
Without question, the best way to analyse an open source target is by debugging. However, it doesn’t come without a cost. I get shivers when I think about installing a proper Ruby version with all its gems. In fact, when writing this, I already have an OpenSSL...