The Secure Edge: Daily Round-up of Infosec Blogs — Issue #16

Het Mehta
Dec 4, 2021

~Start

THOUGHTS THAT MATTER:

Infosec Punch:

Bug bounty methodology V4.0 — Demonstrated | by Thexssrat | Geek Culture | Medium

medium.com
Welcome to Practical Demonstration of Web Application Hacking here we are going to learn about various web vulnerabilities and how to hunt them on a target and how to exploit them. Before we begin…

WordPress Plugin Confusion: How an update can get you pwned | Kamil Vavra @vavkamil

vavkamil.cz
tl;dr: Like the novel “Dependency Confusion” supply chain attack, it is possible to take over internally developed WordPress plugins unclaimed on the wordpress.org registry. Updating the plugin might result in the RCE or installing a PHP backdoor. You can use wp_update_confusion.py to scan for potential targets. To protect your website, please read this announcement.

SANS Penetration Testing | Exploiting XXE Vulnerabilities in IIS/.NET | SANS Institute

www.sans.org
SANS Penetration Testing blog pertaining to Exploiting XXE Vulnerabilities in IIS/.NET

Analyzing source code for vulnerabilities: A how-to workshop — owaspoc on Twitch

www.twitch.tv
owaspoc went live on Twitch. Catch up on their Science & Technology VOD now.

[BugBounty] XSS with Markdown — Exploit & Fix on OpenSource | by Lê Thành Phúc | Nov, 2021 | Medium

lethanhphuc-pk.medium.com
Finding and debugging Open Sources is a fun thing. It helps me improve my pentest and programming skills. And what’s more fun when it supports bounty and CVE from huntr.dev’s platform I will have an…

Past Issues:

The Secure Edge: Daily Round-up of Infosec Blogs — Issue #15 | Revue

www.getrevue.co
The Secure Edge: Daily Round-up of Infosec Blogs — Wassup!!! Here is your fresh Today’s Newsletter packed with tons of informative things to keep you updated…

The Secure Edge: Daily Round-up of Infosec Blogs — Issue #14 | Revue

www.getrevue.co
The Secure Edge: Daily Round-up of Infosec Blogs — Here it is! #infosec Blogs.

Twitter Tadka:

See ya!
