DeepWiki | AI documentation you can talk to, for every repo
DeepWiki provides up-to-date documentation you can talk to, for every repo in the world. Think Deep Research for GitHub - powered by Devin.
The past few weeks have been quiet, but weโre back!
๐ ๏ธ deepwiki.com
๐ ๏ธ github.com/AsyncFuncAI/...
๐ชฒ blog.trailofbits.com/2025/04/23/h...
๐ ๏ธ github.com/quarkslab/pr...
๐ก๏ธ hdm.io/decks/Charti...
04.05.2025 22:37 โ ๐ 5 ๐ 3 ๐ฌ 0 ๐ 0
Your face when you realize your next security code review is on a Clojure codebase...
20.04.2025 23:10 โ ๐ 1 ๐ 0 ๐ฌ 1 ๐ 0
!exploitable Episode Three - Devfile Adventures ยท Doyensec's Blog
!exploitable Episode Three - Devfile Adventures
โผ๏ธ blog.doyensec.com/2025/03/18/e...
๐จ workos.com/blog/samlstorm
๐ค๏ธ projectdiscovery.io/blog/discour...
โ๏ธ labs.watchtowr.com/by-executive...
โค๏ธ tmpout.sh/4/
๐ผ labs.watchtowr.com/bypassing-au...โจโจ
Get our weekly news direct to your mailbox: pentesterlab.substack.com
23.03.2025 22:00 โ ๐ 2 ๐ 0 ๐ฌ 0 ๐ 0
If people spent as much time actually learning hacking as they do optimizing how to learn hacking, theyโd be a lot better at it. Just start. Break things. Learn. Repeat.
20.03.2025 09:18 โ ๐ 4 ๐ 0 ๐ฌ 0 ๐ 0
Sign in as anyone: Bypassing SAML SSO authentication with parser differentials
Critical authentication bypass vulnerabilities were discovered in ruby-saml up to version 1.17.0. See how they were uncovered.
What a week! SAML&Ruby, PHP&XXE and so much more!
๐จ github.blog/security/sig...
๐ง๐ปโ๐ป seeinglogic.com/posts/visual...
๐คฏ swarm.ptsecurity.com/impossible-x...
๐ป scrapco.de/blog/analysi...
More details in our blog: pentesterlab.com/blog/researc...
#PentesterLabWeekly
16.03.2025 22:21 โ ๐ 3 ๐ 2 ๐ฌ 0 ๐ 0
12.03.2025 21:51 โ ๐ 5 ๐ 3 ๐ฌ 0 ๐ 0
Exploring the DOMPurify library: Hunting for Misconfigurations (2/2). Tags:Article - Article - Web - mXSS
Exploring the DOMPurify library: Hunting for Misconfigurations (2/2)
Articles worth reading discovered last week:
๐ mizu.re/post/explori...
โ๏ธ devanshbatham.hashnode.dev/fragility-of...
๐ซ www.wiz.io/blog/nvidia-...
๐ www.reversinglabs.com/blog/rl-iden...
๐ฅ brutecat.com/articles/lea...
17.02.2025 02:58 โ ๐ 7 ๐ 5 ๐ฌ 0 ๐ 0
I Donโt Want My Devs to Become Hackers! - PentesterLab's Blog
Discover why encouraging developers to learn ethical hacking boosts security, reduces bugs, and fosters a proactive security culture in your organization.
Think teaching devs to hack is risky?
In reality, a bit of hacking knowledge helps them spot vulnerabilities early and build stronger apps.
Discover why having devs with a 'hacker mindset' is a win for security:
pentesterlab.com/blog/why-dev...
13.02.2025 18:21 โ ๐ 2 ๐ 1 ๐ฌ 0 ๐ 0
PentesterLab: Learn with our API Badge
The API badge is our set of exercises created to help you learn API testing. The first few challenges are based on challenges you already solved to get you more confident with API testing and review y...
๐จ Just launched: Two brand-new API Mass Assignment labs!
Ready to level up your #API hacking skills? Dive into realistic scenarios & learn how to exploit hidden parameters:
1๏ธโฃ API Mass Assignment 01
2๏ธโฃ API Mass Assignment 02
pentesterlab.com/badges/api/
03.02.2025 22:57 โ ๐ 5 ๐ 2 ๐ฌ 1 ๐ 0
Common OAuth Vulnerabilities ยท Doyensec's Blog
Common OAuth Vulnerabilities
Articles worth reading discovered last week:
๐ค blog.doyensec.com/2025/01/30/o...
โ ๏ธ www.feistyduck.com/newsletter/i...
๐ pathonproject.com/zb/?871f0933...
And as always, itโs in our blog: pentesterlab.com/blog/researc...
#PentesterLabWeekly
02.02.2025 21:50 โ ๐ 6 ๐ 3 ๐ฌ 0 ๐ 0
Iโm excited to share that in a few weeks Iโll be heading to the US for a series of talks and workshops focused on security code review and JWTโand Iโll be bringing some
@pentesterlab.com swag along too!
29.01.2025 23:33 โ ๐ 5 ๐ 2 ๐ฌ 1 ๐ 0
Learn Web Pentesting: Invariants and Feedback Loops
Learn Web Pentesting techniques by leveraging invariants and short feedback loops to efficiently crack MongoDB IDOR and enhance your security skills.
Invariants + Short Feedback Loops = your secret weapon ๐ก๏ธ in web hacking & exploit dev! โจโจ
Validate assumptions locally, iterate fast โก, and say goodbye to endless 10-minute test cycles โฑ๏ธ.โจ
Master these two techniques and watch your productivity skyrocket ๐ :
pentesterlab.com/blog/invaria...
28.01.2025 23:17 โ ๐ 4 ๐ 3 ๐ฌ 0 ๐ 0
Minimal Changes Vulnerability Testing: Why Less is More in Security
Discover how a systematic, minimal-change approach to vulnerability testing can expose weaknesses that full-exploitation attempts often overlook. By making only small, essential adjustments, you reduc...
Jumping straight into โfull exploitationโ can lead to confusion and missed bugs.
Instead, focus on minimal, incremental changes to isolate vulnerabilities. Itโs a simple shift that reduces false negatives and clarifies which step triggers the bug.
pentesterlab.com/blog/minimal...
27.01.2025 21:55 โ ๐ 0 ๐ 0 ๐ฌ 0 ๐ 0
Scoping a Security Code Review - PentesterLab's Blog
Learn how to scope a security code review effectively to balance depth, coverage, and cost. Discover key strategies to identify vulnerabilities and deliver value-driven results.
Scoping a security code review? Donโt fall into these traps:
๐ซ Too little time = missed issues
๐ซ Too much time = wasted resources
Learn how to balance depth, coverage & cost while delivering tailored artefacts like SAST rules for long-term security.
๐ pentesterlab.com/blog/scoping...
07.01.2025 00:01 โ ๐ 2 ๐ 1 ๐ฌ 0 ๐ 0
The single best thing you can do to crush your goals in 2025:
Limit your phone usage to just 1 hour a day. ๐๐ต
02.01.2025 03:37 โ ๐ 6 ๐ 1 ๐ฌ 0 ๐ 0
WOOOOT ? poke @pentesterlab.com
01.01.2025 19:19 โ ๐ 2 ๐ 1 ๐ฌ 0 ๐ 0
