Articles by Issue

Learning GraphQL #3 – subscriptions

Welcome to another lesson of the Learning GraphQL course! It’s a series where I develop an application with GraphQL so that you and I understand it better. I also point out anything that stands out to me from the security standpoint - unclear docs, recommendations or...

Burp’s comparer inside repeater

Diff Last Response is an experimental extension for Burp which is kinda like having a comparer built into the repeater - it shows you what has changed in the response between the last 2 requests. It looks a bit odd because of the background colour and the font...

Mass assignment vulnerabilities

Mass assignment is an authorization-related vulnerability class. It’s actually quite an easy one to understand and also to quickly search for in a big codebase. Mass assignment example Let’s start with an example. A developer wants to create an endpoint to register a...

Cloud learning resource

Recently, one of the BBRE Premium subscribers asked on our Discord server about resources to learn AWS. As I know little to nothing about AWS, I had to reach out to my good cloud-oriented friend, @_pkusik, and he recommended A Cloud Guru to me. I thought I would share it...

Browser security resources

Cezary Cerekwicki, head of product security at Opera, compiled a list of browser security learning materials. It’s definitely for you if you are interested in hacking browsers but even if you’re not, there are some references like Public Suffix List or whitepapers...

Bug bounty isn’t a ‘get-rich-quick’ scheme

Ajax Chapman shared some thoughts about the bug bounty industry and the takeaway for me is that, contrary to somewhat popular expectation, it’s not a get-rich-quick scheme and it takes a lot of work to become successful. I think that for most people in my audience...

DOM clobbering

I think it’s really rare in our industry to see a well-written and detailed article about a non-beginner-level topic. So I’m that much happier to see this article by 0xGodson about DOM clobbering. It’s a complex subject and I never really invested time into...

Learning GraphQL #2 – mutations

In the last lesson from this course, we covered basic queries, arguments, aliases, fragments and variables. In the meantime, I also started creating my own server that relies on GraphQL. So far, it’s pretty much a hello world example but over this course, I will...