N7x

joined 2 years ago
sorted by: new top controversial old
4
Feedback open until 31 of August for CVSS 4.0 (www.first.org)
submitted 2 years ago by N7x to c/cybersecurity
0 comments fedilink
5
Feedback open until 31 of August for CVSS 4.0 (www.first.org)
submitted 2 years ago by N7x to c/appsec
2 comments fedilink
3
Here’s MITRE’s top-25 CWE list — with your old vulnerability category favorites (www.reversinglabs.com)
submitted 2 years ago by N7x to c/appsec
0 comments fedilink
4
OWASP Top 10 for LLMs - 0.5 (owasp.org)
submitted 2 years ago by N7x to c/appsec
0 comments fedilink
2
Testing GraphQL APIs | Web Security Academy (portswigger.net)
submitted 2 years ago by N7x to c/appsec
0 comments fedilink
6
XML Security in Java (semgrep.dev)
submitted 2 years ago by N7x to c/appsec
5 comments fedilink
5
Cache Me If You Can: Messing with Web Caching (tldrsec.com)
submitted 2 years ago by N7x to c/appsec
0 comments fedilink
7
AppSec podcasts? (self.appsec)
submitted 2 years ago by N7x to c/appsec
3 comments fedilink
 

There is a nice list of Infosec podcasts here: https://infosec.pub/post/152754

What are your more specialized appsec recommendations?

8
DNS Analyzer - Finding DNS vulnerabilities with Burp Suite (sec-consult.com)
submitted 2 years ago by N7x to c/appsec
1 comments fedilink
 

A brand-new Burp Suite extension for discovering DNS vulnerabilities in web applications.

4
Bypassing CSP via DOM clobbering (portswigger.net)
submitted 2 years ago by N7x to c/appsec
1 comments fedilink
 

You might have found HTML injection, but unfortunately identified that the site is protected with CSP. All is not lost, it might be possible to bypass CSP using DOM clobbering, which you can now detect using DOM Invader! In this post we’ll show you how.

We’ve based the test case on a bug bounty site, so you’re likely to encounter similar code in the wild. If you’re unfamiliar with DOM clobbering then head over to our Academy to learn about this attack class and solve the labs.

Cybersecurity communities in c/newcommunities@lemmy.world
[–] N7x 1 points 2 years ago

Thank you!

Threadiversal Travel - A guide for Lemmy, Kbin and general Reddit off-ramping in c/infosecpub
[–] N7x 2 points 2 years ago

Thank you for this!

Set default language to English in c/infosecpub
9
Bypassing CSP via DOM clobbering (portswigger.net)
submitted 2 years ago by N7x to c/cybersecurity
0 comments fedilink
 

You might have found HTML injection, but unfortunately identified that the site is protected with CSP. All is not lost, it might be possible to bypass CSP using DOM clobbering, which you can now detect using DOM Invader! In this post we'll show you how.

We've based the test case on a bug bounty site, so you're likely to encounter similar code in the wild. If you're unfamiliar with DOM clobbering then head over to our Academy to learn about this attack class and solve the labs.

15
DNS Analyzer - Finding DNS vulnerabilities with Burp Suite (sec-consult.com)
submitted 2 years ago by N7x to c/cybersecurity
0 comments fedilink
 

A brand-new Burp Suite extension for discovering DNS vulnerabilities in web applications.

Apologies for the problems in c/infosecpub
[–] N7x 4 points 2 years ago (1 children)

Hello Jerry, Just wanted to say Thank you for hosting this! Seems like a great opportunity for infosec professionals to discuss topics

view more: ‹ prev next ›