Yo, new big thing: Shift.
AI seamlessly integrated into your HTTP proxy.
Use cases:
"Take this JS and build the JSON request body"
"Fill in these IDs from my notes - UserA"
"Create a match and replace rule to turn on this feature flag"
"Generate a wordlist with all HTTP Verbs"
06.12.2024 15:38
@orange.tw welcome!
28.11.2024 11:24
A tutorial on how to write alt-text, with the famous "capybara with yellow fruits" as an example
Here's some tips on how to design an alt-text
⬇️
16.11.2024 21:17
Reverse Engineering iOS 18 Inactivity Reboot
Wireless and firmware hacking, PhD life, Technology
How does the new iOS inactivity reboot work? What does it protect from?
I reverse engineered the kernel extension and the secure enclave processor, where this feature is implemented.
naehrdine.blogspot.com/2024/11/reve...
17.11.2024 21:42
let wrapper = document.createElement("div")
document.body.append(wrapper)
let anchor = document.createElement("a")
/*1*/ anchor.href = "//<style onload=alert()>"
/*2*/ anchor.href = "<style onload=alert()>"
/*3*/ anchor.href = "https://a.a/<style onload=alert()>"
/*4*/ anchor.href = "https://a.1/<style onload=alert()>"
/*5*/ anchor.href = "a:<style onload=alert()>"
wrapper.innerHTML = anchor.href
Specification challenge!
Which (if any) of the href values (1-5) would pop an alert in this scenario?
No testing, just thinking!
⚠️ Warning: answers in comments
(bonus: why/why not)
18.11.2024 08:47
I've made a start on one for the people I've found so far. Who else is good people to add?
go.bsky.app/NRP3ecE
28.10.2024 22:20
TGIF y'all
25.08.2023 22:06
this app reminds me of the old twitter, quite a nice change of pace
20.08.2023 16:50
CEO Of Red Queen Dynamics ♦️ Senior Fellow for Global Cyber Policy at the Council on Foreign Relations ♦️ EFF Board of Directors ♦️ she/her ♦️
Sabotage pirate strongholds, extract critical intel, outsmart deadly rivals, and uncover hidden conspiracies—all while staying in the shadows.
Wishlist: https://store.epicgames.com/en-US/p/age-of-rust-001afd
Founder @ Seats.aero. Travel/points, application security, security research, etc.
The World's Most Popular Web App Scanner.
IT Sec guy, zaproxy co-lead, WSTG co-lead, VWAD co-lead, OWASP Ottawa volunteer, Hacโบ3r, supporter of oxford commas, #INTJ. (Opinions == mine)
We improve the security of apps with community-led open source projects, 260 local chapters, and tens of thousands of members worldwide. Famous for OWASP Top 10
Probably the most modern and sophisticated insecure web application. Only we offer a 100% @owasp.org Top Ten incompliance guarantee! Skeets by @bkimminich.bsky.social
#OWASP London Chapter
Follow us on X/Facebook/Meetup/Eventbrite/LinkedIn/YouTube. Mastodon: https://infosec.exchange/@owasplondon
Webpage: https://owasp.org/london
Meetup: https://meetup.com/OWASP-London
YouTube: https://youtube.com/OWASPLondon
The OWASP Chapter for Canada's Capital region.
https://owasp.org/ottawa/
Join us for monthly meetups discussing a variety of security topics.
Hacker, coder, climber, runner, triathlete.
Always learning.
Co-flounder of SteelCon
We are a leading provider of software and learning on web security. We make Burp Suite and the Web Security Academy.
Founder and Chief Swig at PortSwigger. Creator of Burp Suite and the Web Security Academy. Author of The Web Application Hacker's Handbook.
Software Engineer at PortSwigger and Man City season ticket holder
OWASP London Chapter Leader. #OWASP Global Board Member. OWASP Nettacker Project Leader. #AppSec Consultant, #CISSP. Follow me on Twitter/X and Mastodon https://twitter.com/securestep9 https://infosec.exchange/@securestep9
Web App (mostly) Hacker @NetSPI | Cybersecurity Educator | Content Creator | Ex-Brit | Links: http://linktr.ee/tib3rius (he/him) 🇺🇸 A mostly unserious person.
Friendly AppSec Ghost 👻
https://appsecg.host
Father, Husband, Software Security Architect, Ethical Hacker, Musician, & Karate Geek. OWASP Ottawa Chapter Leader/OWASP Chapter Committee Secretary. Trying to learn Kendo. Devious-Plan.com founder. He/Him
🇨🇦