Home Classic Look

👩‍💻IW Weekly #108: PostMessage for XSS, Smart Contract Security, Admin Panel Takeover, DOM-XSS to ATO, Process Injection With C, Privilege Escalation and many more …

Welcome to the #IWWeekly93 - the Monday newsletter that brings the best in Infosec straight to your inbox. To help you out, we have 5 Articles, 4 Threads, 3 Videos, 2 Job Alerts and a Special Item...

Apr 29, 2024 newsletter, xss, takeover, security

jub0bs/cors: a better CORS middleware library for Go

TL;DR ¶ I’ve just released jub0bs/cors, a new CORS middleware library for Go, perhaps the best one yet. It has some advantages over the more popular rs/cors library, including a simpler API, better...

Apr 27, 2024

👩‍💻IW Weekly #107: CVE-2024-0333, $50,000 for hacking Google A.I, Auth-Bypass via Response Tampering, HTTP Request smuggling case study, Telegram RCE and many more…

Welcome to the #IWWeekly107 - the Monday newsletter that brings the best in Infosec straight to your inbox. To help you out, we have 5 Articles, 4 Threads, 3 Videos, 2 Job Alerts and a Special Ite...

Apr 22, 2024 newsletter, cve, rce, auth, bypass, google

4 bug bounty mistakes and how to avoid them

Getting into bug bounties is no easy task, we know. There’s so much to consider and your path to becoming a bug bounty hunter can vary in so many ways. Bug bounty hunting can be fraught with challe...

Apr 17, 2024 bounty

👩‍💻IW Weekly #106: Hacking ICON Blockchain, BatBadBut Vulnerability, DOM XSS to ATO, Starbucks Hack, Bypassing Phone Number Verification and many more…

Welcome to the #IWWeekly106 - the Monday newsletter that brings the best in Infosec straight to your inbox. To help you out, we have 5 Articles, 4 Threads, 3 Videos, 2 Job Alerts and a Special Item...

Apr 15, 2024 newsletter, xss, bypass

👩‍💻IW Weekly #105: XZ Utils Backdoor, DOMPurify Bypass, Secondary Context Bugs, Hacking ISPs, Email Verification Bypass, Gesture Jacking and many more…

Welcome to the #IWWeekly93 - the Monday newsletter that brings the best in Infosec straight to your inbox. To help you out, we have 5 Articles, 4 Threads, 3 Videos, 2 Job Alerts and a Special Item...

Apr 8, 2024 newsletter, bypass

👩‍💻IW Weekly #104: ClickHouse, Velociraptor, WAF bypass techniques, Path Traversal Vulnerabilities, io_uring Vulnerability in Ubuntu, Shockwave Attack Surface Management, .NET Remoting Exploits, Github dorks and many more…

Welcome to the #IWWeekly93 - the Monday newsletter that brings the best in Infosec straight to your inbox. To help you out, we have 5 Articles, 4 Threads, 3 Videos, 2 Job Alerts and a Special Item ...

Apr 1, 2024 newsletter, bypass, waf, exploit, github

👩‍💻IW Weekly #103: $35K Bounty, Nuances of Aggressive Scans, DLL Side-Loading, Hacking 3 Million Hotel Key Cards, WAF Bypassing Variants and many more…

Welcome to the #IWWeekly103 - the Monday newsletter that brings the best in Infosec straight to your inbox. To help you out, we have 5 Articles, 4 Threads, 3 Videos, 2 Job Alerts and a Special Item...

Mar 25, 2024 newsletter, bypass, waf, bounty

Making desync attacks easy with TRACE

Have you ever found an HTTP desync vulnerability that seemed impossible to exploit due to its complicated constraints? In this blogpost we will explore a new exploitation technique that can be used...

Mar 19, 2024

👩‍💻IW Weekly #102: Raining RCEs on Citrix, Microsoft Outlook and Fortigate, Security flaws in ChatGPT and third-party plugins, CRLF Injection, and many more…

Welcome to the #IWWeekly102 - the Monday newsletter that brings the best in Infosec straight to your inbox. To help you out, we have 5 Articles, 4 Threads, 3 Videos, 2 Job Alerts and a Special Item...

Mar 18, 2024 newsletter, crlf, rce, security, microsoft

1
2
3
...
23
1 / 23