Application Security This Week for July 5

Happy Independence Day for my US readers!

 

Bugcrowd released a really cool-looking Burp extension to help find bug bounty items.

https://portswigger.net/bappstore/059343223d094d16a0a8440485bc5c5e

 

Some guidance I am using right now on a test to bypass file upload filters.

https://stazot.com/boltcms-file-upload-bypass/

 

Fantastic analysis of the SAML flaw in Palo Alto devices by my friends at TrustedSec.

https://www.trustedsec.com/blog/cve-2020-2021-pan-os-saml-security-bypass/

 

That's the news, folks.  Go hack something.


Bill Sempf

Husband. Father. Pentester. Secure software composer. Brewer. Lockpicker. Ninja. Insurrectionist. Lumberjack. All words that have been used to describe me recently. I help people write more secure software.

 

 

