NIST published a document that defines terminology in the new and growing industry of security around AI. I’m no authority in this industry, but @rez0 is, and he described the document as “the best AI Security Publication that he’s ever seen”, and that’s a very strong...
Blind XSS in Apple’s website leads to a Harry Potter quote
Sam Curry discovered a blind XSS in the email field on one of Apple’s websites and found a quote from Harry Potter left on the internal website by an employee. From a technical standpoint, this is the email address that he used: If you want to know why this is a valid...
The Find command by @TomNomNom
My terminal workflow improved drastically after watching TomNomNom’s video with STÖK about using many useful bash commands. And it was only 36 minutes… That’s why I’m very happy to see Tom publishing his own videos because I know that he uses tools you and I use daily...
Gunnar Andrews – How I Built Recon to Scale with Serverless Architecture
Even though I do identify as a manual hacker, I still once in a while have to spin up a server to test something. Or I want to run the script for, for example, diffing JS files. I’m neither good at nor do I enjoy managing infrastructure, so I’ll usually spin up a...
XSS With Hoisting
JavaScript hoisting (yes, “hoisting” and not “hosting”) is a feature of this language I hadn’t known about until recently, but then I heard about it on the CTBB podcast, saw a challenge by Johan Carlsson and read a blogpost by @brutelogic. It’s a feature that allows...
3 Nginx tricks for auth bypass
Understanding Nginx and its potential misconfigurations can lead you to find many vulnerabilities. In this article, I’ll show you Nginx tricks I learnt from a CTF I played at the 37C3 conference. It’s not a task writeup - I’ll focus on the parts of the task that can be...
How to find CSRFs despite SameSite cookies? CSRF Case Study
I was very curious about the CSRF case study. It’s a bug class that used to be very popular, but then came the SameSite cookie attribute, a very effective measure against it. There was only one way to find out whether the SameSite attribute did kill CSRFs or...
Execution of Arbitrary JavaScript in Android Application
Android hacking has been mentioned quite a lot recently on the BBRE Premium Discord. I don’t know if it’s a coincidence or a trend, but it’s definitely a nice niche. Here’s another great blogpost about the setup and exploitation of an XSS...
Web AppSec Interview Questions
If you are getting ready for a job interview and you need to prepare yourself for the questions, @0xTib3rius has your back. He published a list of 55 questions on his blog, along with answers. https://tib3rius.com/interview-questions There’s also a repo here with more...
50 Shades of Vulnerabilities: Uncovering Flaws in Open-Source Vulnerability Disclosures
Aqua Security conducted a fascinating analysis of how open-source vulnerabilities get fixed or, more precisely, of the time gaps between a fix being committed to GitHub and the official fix being released. They even define terms like 0.5day and 0.75day which do...