A list of Capture The Flags that are on now or forever!
https://captf.com/practice-ctf/
The s...
Read More
Microsoft open sourced their fuzzing framework
https://www.microsoft.com/security/blog/2020/09/15/mi...
Read More
Or Maypril 319 but who is counting.
Here's an OLD Visual Studio project that gets AES keys fr...
Read More
Cool 10,000 foot overview of web application vulnerability assessment. Clearly written and con...
Read More
Monsoon is a fast HTTP request enumerator that allows you to run a large number of tests to try out...
Read More
Update Jenkins - there is a flaw in the HTTP renderer.
https://www.jenkins.io/security/advisory/2020...
Read More
Microsoft pushed a change to ASP.NET for a DoS vulnerability. Not only should you patch, but l...
Read More
The new Open Source Security Foundation is trying to broaden the reach of information security best...
Read More
Check your Docker API permissions. A new piece of malware has been turning cloud hosted contai...
Read More
They dropped Open Redirection from the OWASP Top 10 but, like CSRF, it is still out there. Here is a...
Read More
The Enterprise Security API for Java went to 2.2.1.0
https://github.com/ESAPI/esapi-java-legacy/blob...
Read More
Big news this week was the F5 zero day, of course, but on the application side you should review the...
Read More