Dominique Righetto

🛬Migration to @bluesky finished. bsky.app/profile/righet… 🏠I will now only post on @bluesky and @LinkedIn.

🐝It is also the case for updates about the OWASP Secure Headers Project.

🛬Migration to @bluesky finished. bsky.app/profile/righet… 🏠I will now only post on @bluesky and @LinkedIn.

@harrisja For sure 😉

@righettod hey Dominique, I'm Jason, from the ProjectDiscovery team. May I DM you? I have a question for you.

🛫Start migrating to @bluesky bsky.app/profile/righet…

Stop 👏 assuming 👏 every 👏 vulnerability 👏 write-up 👏 or 👏 talk 👏 at 👏 conferences 👏 shows 👏 the 👏 actual 👏 discovery 👏 path. What you see is the polished version—the real work is messy, full of dead ends, and intuition-driven. Embrace exploration! 🔍✨

Je te refais découvrir ce site incroyable qui regroupe pleins de layout en CSS👀 Ça s'appelle phuoc.ng/collection/css… ! Certains sont un peu gadget mais d autres sont extrêmement utile !

Did you know you can now upload SOAP API definition files directly to Burp Suite Professional? 🧼 #SOAP #BurpSuiteTopTip

This week has been crazy with a lot of excellent content that should keep you busy for a while! Crypto, Sandboxes, WAF Bypasses… You can find more details in our blog: pentesterlab.com/blog/research-… 🗞 dustri.org/b/upcoming-har… 🗞 github.com/elikaski/ECC_A… 🗞 mdsec.co.uk/2024/10/when-w… 🗞 jhftss.github.io/A-New-Era-of-m… 🗞 github.com/martinvonz/jj/… 🗞 github.com/ssl/shortboost 🗞 googleprojectzero.blogspot.com/2024/10/from-n… #PentesterLabWeekly

💡 Source used: blog.majestic.com/development/ma…

📡 OWASP Secure Headers Project: For information, we generate statistics on the use of security headers in HTTP responses for the most popular websites. These statistics are updated monthly. #appsec #appsecurity #http 📊 github.com/oshp/oshp-stat…

I'm doing a talk at the @OWASPBrisbane meetup on the 18th of November on Code Review, JWT, Golang... It's going to be a lot of fun and I will bring swag and stickers! meetup.com/brisbane-owasp…

New LOL project, LOLAD a collection of Active Directory techniques! 👇 lolad-project.github.io

Ever wanted to fuzz a WebSocket? We've just updated WebSocket Turbo Intruder with some new features. If you've used Turbo Intruder already, it should feel familiar :)

Interesting how signature matching in Microsoft Defender is so sensitive regarding anything related to keyword "defender". So while bypassing such detection is tedious and annoying, it can still be done quite easily, as shown below.

Following an issue, discovered during my recent analysis of a web application, I have added new methods to my defensive code snippets project for checking for path traversal payloads. #appsec #web github.com/righettod/code…

📡 OWASP Secure Headers Project: Add a header indicating the presence of the product IBM WebSphere DataPower in the call flow. #appsec #appsecurity #http 📖 #div-bestpractices_prevent-information-disclosure-via-http-headers" target="_blank" rel="nofollow noopener">owasp.org/www-project-se…

@angealbertini I just want to say: Thanks a lot for all the amazing things you share, whatever the format.

Yes, my public contributions are 'messy', whatever that means. As a single dad with full custody of several kids, I'm *quite* busy. I don't need your understanding, your 'help' nor your approval. That's just how things are.

Manim : une bibliothèque Python Open Source pour créer des animations mathématiques. Parfait pour les vidéos éducatives et les visualisations interactives. Il y a des profs de math dans notre audience ? 👉 Le projet : github.com/ManimCommunity…

Have you tried the new and improved Intruder? 😎 #BurpSuite #TopTipTuesday