Google and Apple deliver support for unwanted tracking alerts in Android and iOS
http://security.googleblog.com/2024/05/google-and-apple-deliver-support-for.html
Google Online Security Blog
Google and Apple have worked together to create an industry specification – Detecting Unwanted Location Trackers – for Bluetooth trackin...
GitHub - hakluke/hakip2host: hakip2host takes a list of IP addresses via stdin, then does a series of checks to return associated domain names.
https://github.com/hakluke/hakip2host
GitHub
The bounties for WordPress vulnerabilities have increased! You can report vulns in any of the 60K+ #WordPress plugins!
Join the community to get started: https://discord.gg/FS6b9ghzU3
Exploit Archeology - Exploiting an old unknown Server Side Browser
https://blog.ajxchapman.com/posts/2024/05/08/exploit-archeology.html
Alex Chapman’s Blog
I was recently hacking on a Bug Bounty target and identified an interesting API endpoint which would render user supplied HTML, and execute any included JavaScript. Exploiting Server Side Browser bugs has been a focus of mine for the past couple of years…
What is attack surface management?
https://blog.projectdiscovery.io/what-is-attack-surface-management/
ProjectDiscovery Blog
It’s 2024, and by now it’s clear that nearly everything can be the object of a cyber attack. But knowing that doesn’t mean organizations are strategically managing and controlling their risks. In fact, a survey of over 6200 security decision makers from Trend…
Capital One Teams Up With Top-Tier Ethical Hackers at H1-305
https://www.hackerone.com/lhe/capital-one-h1-305
HackerOne
Capital One and 52 highly skilled global ethical hackers came together for the organization's second live hacking event with HackerOne.
Optimizing XSS Vulnerability Detection
https://bountysecurity.ai/blogs/news/optimizing-xss-vulnerability-detection
Bounty Security
Introduction to XSS
Cross-Site Scripting (XSS) is a security vulnerability in web applications that allows attackers to inject malicious scripts into pages viewed by other users. This can result in cookie theft, session manipulation, and other attacks that…
I/O 2024: What’s new in Android security and privacy
http://security.googleblog.com/2024/05/io-2024-whats-new-in-android-security.html
Google Online Security Blog
Posted by Dave Kleidermacher, VP Engineering, Android Security and Privacy Our commitment to user safety is a top priority for Android. ...
Discover RedRays, a cutting-edge cybersecurity company based in the US, leading the way in SAP vulnerability research. With a track record of over 100 discoveries, they've developed an advanced SAP Certified Security Scanner capable of swiftly detecting 4100+ vulnerabilities, including zero and one-day threats, in just 1 minute!
Their platform is a game-changer for bug bounty hunters, SAP Security Consultants, and enterprises seeking top-tier protection.
Secure your company with RedRays today! 🛡️
Watch their platform in action: RedRays Platform Demo.
LinkedIn
RedRays, Inc | LinkedIn
RedRays, Inc | 866 followers on LinkedIn. RedRays is more than a mere supplier; it is an R&D hub dedicated to researching ERP software security | RedRays is not just a regular supplier, but a research and development center devoted to exploring the security…
How I Hacked One of These Big Companies (JS files analysis)
https://l0da.medium.com/how-i-hacked-one-of-these-big-companies-js-files-analysis-7cf47372b642
Medium
Peace be upon you, and the mercy of God and His blessings.
GitHub - usdAG/cstc: CSTC is a Burp Suite extension that allows request/response modification using a GUI analogous to CyberChef
https://github.com/usdAG/cstc
GitHub
How do we solve the LEADERBOARD PROBLEM in bug bounties!?
https://www.youtube.com/watch?v=apaZYLiQpkQ
YouTube
Joel getting fired up about the leaderboard problem in bug bounties. #infosec #bugbounty #bugbounties #cybersecurity #criticalthinking #CTBBpodcast #bugbount...
Human-Powered Security: The Value of Ethical Hackers & Bug Bounty
https://www.hackerone.com/vulnerability-management/human-powered-security
HackerOne
Who is an ethical hacker, what is a bug bounty program, and why is human-powered security the best method for strengthening your security posture?
Burp Suite Enterprise Edition spring update 2024
https://portswigger.net/blog/burp-suite-enterprise-edition-spring-update-2024
PortSwigger Blog
We understand the unique challenges AppSec teams face—from navigating the rapid pace of development to achieving comprehensive coverage against new vulnerabilities. That’s why we’ve focused our latest