Back in 2018, I wrote about Insecure Binary Deserialization, and I'd like to give an update. Origina...
Read More
Three tools this week. Pretty cool.
Check your S3 Buckets permission:
https://github.co...
Read More
Troy Hunt has another one of his awesome data breach breakdowns. Lots to be learned here.
Troy...
Read More
Portswigger has a really nice new release - update now! Community and pro.
https://portswigger.net/b...
Read More
Compass Security built a really nice Burp plugin that helps with the reporting of findings by copyin...
Read More
Not a lot going on this week. Almost as if everyone has something else to think about.
...
Read More
Microsoft has created the Adversarial ML Threat Matrix. If you are in Machine Learning, it is certai...
Read More
Great explainer on using OWASP ZAP, instead of DotDotPwn, for directory traversal attacks. I h...
Read More
Totally forgot to do this last week, sorry.
Telerik released Fiddler Everywhere
https://www.t...
Read More
A list of Capture The Flags that are on now or forever!
https://captf.com/practice-ctf/
The s...
Read More
Microsoft open sourced their fuzzing framework
https://www.microsoft.com/security/blog/2020/09/15/mi...
Read More
Or Maypril 319 but who is counting.
Here's an OLD Visual Studio project that gets AES keys fr...
Read More