Join us

heartPosts from the community tagged with cybersecurity...
Story
@tutorialboy24 shared a post, 2 years, 8 months ago
tut

Spring Actuator - Stealing Secrets Using Spring Actuators - Part 1:

Amazon Web Services Blogger Bugcrowd InfoSec Writeups

Spring is a set of frameworks for developing Applications in Java. It is widely used, and so it is not unusual to encounter it during a security audit or penetration test. One of its features that I recently encountered during a Whitebox audit is actuators. In this series of articles, I will use the..

Blue Sky Photocentric Youtube Channel Art.png
Dev Swag
@ByteVibe shared a product

Coder by day hacker by night - Developer / Programmer / Software Engineer Kiss Cut Sticker

#developer  #merchandise  #swag 

👨‍🚀 ByteVibe, a space out of space 👨‍🚀 ─ ✅ White or transparent✅ Durable color / long lasting✅ Durable material✅ Vibrant colors✅ Grey adhesive left side for white stickers✅ 100% vinyl with 3M glue✅ Gl...

Ad
www.faun.dev shared an ad

#ad  #sponsored 
Story
@tutorialboy24 shared a post, 2 years, 8 months ago
tut

Turning cookie based XSS into account takeover

Amazon Web Services Blogger Bugcrowd Firebase JavaScript Infovis Toolkit

EpilogueI reported the exploitation scenario and was rewarded €500, as the impact was high. Be patient, don’t give up, and think out of the box. In this case, I used the company’s service to exploit the bug.Source :- https://tutorialboy24.blogspot.com/2022/09/turning-cookie-based-xss-into-account.ht..

xss.png
Story
@tutorialboy24 shared a post, 2 years, 8 months ago
tut

Exploiting Amazon Simple Notification Service Improper Validation of SigningCertUrl

Amazon Associates Amazon EC2 Amazon Web Services Blogger Amazon CloudWatch

IntroductionCountless applications rely on Amazon Web Services’ Simple Notification Service for application-to-application communication such as webhooks and callbacks. To verify the authenticity of these messages, these projects use certificate-based signature validation based on the SigningCertURL..

v (1).png
Story
@tutorialboy24 shared a post, 2 years, 10 months ago
tut

A Detailed Talk about K8S Cluster Security from the Perspective of Attackers (Part 1)

Kubernetes - The Easier Way

IntroductionAs a representative of cloud-native management and orchestration systems, Kubernetes (K8S for short) is receiving more and more attention. A report [1] shows that 96% of organizations are using or evaluating K8S, and its market share in production environments is Visible.The functions of..

k8s
Story
@anasnasim12 shared a post, 3 years, 1 month ago
Student

Machine Learning for Cybersecurity

Everything about Machine Learning for Cybersecurity and in-between.

ML for CS
Dev Swag
@ByteVibe shared a product

kubectl Wall calendar

#developer  #merchandise  #swag 

The wall calendar is perfect for a year calendar with one page for each month.✅ Paper: 250 gsm / 100 lb semi-glossy silk paper✅ Hanging hook for hanging calendar flexibly✅ Sturdy wire-binding✅ A4 form...

Ad
www.faun.dev shared an ad

#ad  #sponsored 
Story BridgeCrew Team
@bridgecrewio shared a post, 3 years, 5 months ago

Vulnerabilities vs. Security Misconfigurations: An Essential Primer

When you hear the term “security breach,” chances are that risks like malware or ransomware attacks come to mind. These exploits tend to feature in headlines about major cybersecurity attacks.

Screen Shot 2022-01-27 at 1.26.23 PM.png
Story
@adetomiwaj shared a post, 3 years, 5 months ago

Methodology for Malware Static analysis: Portable Executable (PE) files

Malware analysis determines if a program/file is malicious. There are two phases in malware analysis.

1_NX4Ji7IweLK4Oth9kJGscA.png
Story
@cyberpotato shared a post, 3 years, 6 months ago

Four Questions Your Information Security Team Should be Asking

The key to succeeding in information security and cyber threat intelligence is recognizing what you’re dealing with, and adapting accordingly.

1_ww3Fn4Y9jar-G1now-2reg.jpeg
Story
@kyle_hemsley shared a post, 3 years, 7 months ago

Securing Microsoft Azure AD with FIDO2 Keys — Passwordless Authentication

Azure

Azure AD is a powerful cloud-based IdP from Microsoft that many organizations have “free” access to through their M365 subscriptions for Office 365 / Exchange Online.

0_5PbNRd5eaElf5giZ.jpeg
Story
@thecybermutt shared a post, 3 years, 7 months ago

Deciphering A Caesar Cipher with Python

Python

Caesar ciphers map out characters to other characters based on a number key chosen by the designer of the Caesar cipher.

loading...