rev3rse security

In Investcloud, 37 dipendenti qualificati sono stati sostituiti da agenti IA. #IA #Lavoro #Investcloud

only 3 seats left for the "Advanced .NET Exploitation" September edition at RomHack (@cybersaiyanIT), come on lads, make it happen, wanna go brag about selling out 😅 grab your seat 🪑 🪑 🪑 summoning.team

Today's Bug Bounty Blogs #25 1)From an Android Hook to RCE: $5000 Bounty blog.voorivex.team/from-an-androi… 2)SOQL injection in SalesForce earned me $$$$$ rooted0x01.medium.com/soql-injection… 3)OAuth Non-Happy Path to ATO blog.voorivex.team/oauth-non-happ… 4)Breaking Down Multipart Parsers: File upload validation bypass blog.sicuranext.com/breaking-down-… 5)visit these website lostsec.xyz ahmed-tarek.gitbook.io/sec-notes 6)The Blueprint to Your First $1,000+ Bounty youtube.com/watch?v=8DnphD… 7)Subdomain Enumeration ALL KINDS! youtube.com/watch?v=6gY8cA… 8)OTX_AlienVault_URL The OTX Scraper is a Bash script designed to fetch URLs associated with a given domain from AlienVault's Open Threat Exchange (OTX) platform. github.com/Suryesh/OTX_Al… 9)ex-param is an automated tool designed for finding reflected parameters for XSS vulnerabilities. github.com/rootDR/ex-param 10)QuickSSRF - CAIDO Plugin github.com/caido-communit… Are you the author of these blogs? feel free to take the credit of yours, thanks for putting the efforts. Contact me to feature your blog in the next edition. I hope you’re having a great time with this series! Don’t forget to follow me @hetmehtaa and stay tuned for more exciting content! #infosec #bugbounty #bugbountytips #bugbountyblogs #hacking #redteam #cybersecurity #100xSecurity

Seemposium lowlevel_1 La nuova puntata è online! lowlevel_1 è uno spazio dedicato ai tecnici per discutere e analizzare le tematiche del momento 🤓 Se ti piace questo formato, condividi! youtu.be/-wwA5skOL0w

Ciao! If you enjoyed our latest research on the SicuraNext blog, you can vote for it in the Top 10 Web Hacking Techniques! portswigger.net/polls/top-10-w… - Breaking Down Multipart Parsers: File upload validation bypass - Response Filter Denial of Service (RFDoS) ❤️

Long story short: ~all multipart/form-data parsers fail to fully comply with the RFC. Here I've done some tests. blog.sicuranext.com/breaking-down-…

Come funziona il mercato delle vulnerabilità zero-day? Qual è il ruolo degli enti governativi? Quali sono le implicazioni etiche? Rispondo a queste e altre domande, nell'intervista di @rev3rsesecurity youtu.be/JkjnT-Rw-kg?si…

@glamis @Tesla lol

@rev3rsesecurity @Tesla "should I click on the square with the pole when it asks 'mark all traffic lights'?"

Am I the only one who imagines @Tesla Optimus robot sitting at a PC solving CAPTCHA?

Our very own @suidpit will present his novel #macOS research at @TheSAScon - if you want to learn more about the macOS sandbox and how to escape it make sure to be in Bali 🏝️ from Oct 22 to Oct 25 at #TheSAS2024

Response Filter Denial of Service (RFDoS): shut down a website by triggering WAF rule blog.sicuranext.com/response-filte… Published By :- Andrea Menin (@AndreaTheMiddle) #infosec #bugbounty #TogetherWeHitHarder #inbbupdatesblogs

Response Filter Denial of Service (RFDoS): shut down a website by triggering WAF rule dlvr.it/T8J3Hz #cyber #threathunting #infosec

Response Filter Denial of Service (RFDoS), misusing OWASP CoreRuleSet Great research by SicuraNext blog.sicuranext.com/response-filte…

Ataque de denegación de servicio que afecta a sitios web protegidos por un WAF La técnica RFDoS aprovecha la capacidad de un atacante para publicar contenido como comentarios o reseñas para engañar al WAF y bloquear el servidor blog.sicuranext.com/response-filte…

#WebApp_Security Response Filter Denial of Service (RFDoS): shut down a website by triggering WAF rule blog.sicuranext.com/response-filte…

Response Filter Denial of Service (RFDoS): shut down a website by triggering WAF rule blog.sicuranext.com/response-filte…

#AWS Denial of Wallet: Parliamone! youtu.be/rYQwuQCAmFk

Last week, while participating to the @intigriti LHE at @nullcon I've found an #XSS on one of the targets. As there was Akamai I had to put together a quick'n'dirty #WAF #bypass (it requires user interaction but 🤷🏿‍♂️). Here you go! #bugbountytips

Durante l'ultima live abbiamo parlato di molte cose con @Void_Sec come del mercato della compravendita di 0 day. Guarda la puntata integrale a questo link: youtube.com/live/lnUXze_Wi…

🎉 Cheers hackers! 🎊 As we bid farewell to 2023, let's celebrate together! 🎁 Like, follow, and retweet for a chance to WIN a €30 coupon for swag.shielder.com! 🏆 3 winners will be selected by EOY! #giveaways #swag