x1m

😎🍁😮‍💨

02.12.2024 18:39 — 👍 5    🔁 0    💬 1    📌 0

a man in a tuxedo and bow tie is dancing in a crowd of people . ALT: a man in a tuxedo and bow tie is dancing in a crowd of people .

new week, new opportunities!

02.12.2024 13:25 — 👍 0    🔁 0    💬 0    📌 0

First try, pretty neat haha

30.11.2024 11:32 — 👍 1    🔁 0    💬 0    📌 0

I talk about this on the pod all the time, but CSRF is dead simple. You just need to know the conditions.

I'm not gonna recite them again here, but today a new condition came up:

No Content-Type header -> no CSRF restrictions
Same-site: None
POST
= CSRF

The research:

27.11.2024 16:55 — 👍 41    🔁 5    💬 4    📌 0

The 'find' command has a reputation of being a little tricky to use, so a while back I did made a short video about it www.youtube.com/watch?v=U2fs...

26.11.2024 18:07 — 👍 34    🔁 7    💬 3    📌 1

Ekko!

24.11.2024 21:24 — 👍 1    🔁 0    💬 0    📌 0

hi bsky! woke up to a lot of new followers, how’s everyone doing this Sunday?

24.11.2024 13:07 — 👍 2    🔁 0    💬 0    📌 0

weekend just started, what are you up to? Family, friends or some cool projects?

I’ll be working on some personal projects, but first: food and Rick and Morty

Have a good one!

22.11.2024 17:06 — 👍 1    🔁 0    💬 0    📌 0

Earlier this year, Assetnote's Security Research team discovered a vulnerability in Sitecore XP (CVE-2024-46938) that can lead to pre-authentication RCE.
Order of operations bugs are one of my favorite types of bugs :) Write up and exploit script here: assetnote.io/resources/re...

22.11.2024 05:50 — 👍 51    🔁 24    💬 1    📌 0

a cartoon character with a backpack is giving a thumbs up sign ALT: a cartoon character with a backpack is giving a thumbs up sign

22.11.2024 10:14 — 👍 1    🔁 0    💬 0    📌 0

a man wearing sunglasses and a hat is pointing at the camera . ALT: a man wearing sunglasses and a hat is pointing at the camera .

is this thing on?

22.11.2024 10:10 — 👍 2    🔁 0    💬 1    📌 0

sup

06.10.2023 12:11 — 👍 1    🔁 0    💬 0    📌 0